忍者ブログ

Taking the bite out of the non-malware threat

Another round of viral attacks apparently masquerading as ransomware brought operations across industries to a halt last week. And the targets were anyone from multinational shipping corporations to even Chernobyl, of all places.
Following WannaCry and what appears to be the wiper mimicking the 2016 ransomware Petya, three things have become reliably predictable:
In conversations with enterprises large and small, I get asked how to stop a ransomware or malware attack 42 times a day;
No matter how many layers of defense you’ve deployed and how responsible users at your company are, you may still get hit Best Restaurants in Hong Kong;
Everyone now offers an infallible product to protect all the things against everything. The problem is gone for as low as free, averaging somewhere around $20. So that’s easy: click, sign up, done.
Oh wait… After getting a new anti-virus and upon further reading, you now must ensure that:
All your employees do regular backups;
All your employees disable macros;
All your employees religiously update their devices to ensure their OS, AV, Flash, Java and browsers are solid;
All your employees enable “show file extensions” (assuming you have figured out how to make sure your team understands the meaning of “file extension”);
We all click on and open the right things only;
All corporate systems are patched… (I mean remain patched just as they have always been, right?);
Train — retrain — train — retrain — train;
Use strong passwords that can’t be brute-forced;
Block Tor.
There are also suggestions that we could use artificial intelligence at extended end points that (of course) cannot be beaten because there is no reliance on heuristics or signatures, which is to say it’s not just antivirus anymore.
As always, the response to a security event of a global magnitude is stamping “anti the thing in the news” on a product and chasing flashing lights. We are now 17 years removed from the I LOVE YOU worm luring unassuming users with promises of Anna Kournikova’s photos, and yet we have another piece of malware knocking off nuclear power plants and multinational oil and shipping companies.
While not a new challenge, one would think the sheer scale of these attacks should inspire behavior change and generate more new solutions. Yet, we get the same recipe as we’ve heard over the past 20 years — deploy tools in the network to catch suspicious events, train your employees, back up your data, segment your networks and use the best anti-virus.
So first of all, anti-virus is dead.
Okay, dying. Every week my team talks to companies that have liberated themselves from this shell game. However scary that may be, it is bad tech that only feeds the underlying problem.
Deploying network security tools.
Yes, you probably have to do some of this while keeping in mind that these are merely speed bumps that do have certain value. What’s important is to stay nimble and ready to switch providers on the fly understanding that you can/should only jam so much on your endpoints.
Training your team to only open and click on the things that are not harmful Propecia.
Take it from someone with 20 years of information security experience — not practical advice. Flip that script and operate knowing that your employees will and should click on and open things that are bad. Why? Because the current state of phishing is juvenile and, inevitably, the sophistication of attacks will increase in direct proportion to the efficacy of any training program. Build processes that enable your team to do their work and make mistakes.
Backing up data is not a new thing nor is the challenge of protecting these backups.
It used to be that storage was so deep in the network onion that most organizations treated storage security like hardware security — if someone has access to my storage array, they already have access to everything. But things have changed with cloud backups, which is why more thought needs to be given to what actually is worth storing and protecting. With almost 70 percent of stored corporate data having no or negligible business or regulatory value, attempting to protect these massive amounts of data makes no practical or security sense.
Of course, the big data economy encourages companies — big and small — to save and protect everything even though the math tells a different story. Perhaps the real important debate is whether liability will transfer to a cloud provider that encourages its customers to store and make available for search all of their communications and knowledge.
When in response to a malware attack global enterprises with great resources end up shutting down their systems, including critical communications, and move to employees’ personal devices for texts and emails, it is time to rethink the game of storing everything, which is making us more vulnerable and exposed.
Anyone knows that you cannot lose what you don’t have. By the same token, if you are in control of your data that is not stored server-side and expires when it’s no longer needed, a task of protecting less information that does need to be recorded becomes increasingly more manageable. When you build reliably ephemeral operations that are not dependent upon the hope that storing everything may someday prove useful, the notice that “the files expiring in a week are encrypted and will be deleted unless…” just doesn’t have the same teeth cloud computing.
The bottom line is that the recent wave of viral malware attacks is nothing than more of the same. Email is vulnerable, network security is difficult, anti-virus is nowhere near being effective and everyone has a best product that will fix all of the things on the network or your endpoints. There will almost certainly be the next “NotPetya,” probably sooner than we expect. Why not flip the equation?
Use math to your advantage. Encrypt your communications and data proactively. Deploy tools to verify participants in critical communications.
Perhaps most importantly, understand that just because recorded communications have been the norm in the past 10 years, it doesn’t mean that we have to work in the paradigm that is no longer justified by current security environment. Ephemeral communication tools provide you the opportunity to rely on math to take control over your communications, how long it lives and how long it is accessible to intended recipients only. So you no longer have to protect all the things. Your move now.
PR

I miss you so much

The lights in front of the face, big real lonely bed, the lights are all the same, heart injury is unable to share life with, monthly flow, with white hair old, as you go along with the past pale to have no news of happiness, with dreams, sleep, gradually with the paralysis of the heart, I miss you you want to, but without a trace, I tiptoed miss, I also allow memory overhead, I shut eyes, tears, I pretended to be indifferent, I miss you, deceive myself, I miss you, miss you, as a secret, I miss you, miss you, deep reservoir in the heartman t shirt......

Autumn light, cool, a lonely let autumn mild with a hint of sadness. This is a harvest season, eyeful is unspeakable melancholy. Listen to the soda green soulful singing "I miss you", the heart, a kind of unspeakable pain across, from spring to summer, full of hope in the wall side, in the ancient romantic bridges, in poetic amidst the upstairs, in the wine glass time, happy, sad, happiness, hesitation, weaving a Que fine lines, let the four seasons fragrance, let time confused, sometimes need to pretend happy, happiness is brave, but the life must be strong furnished apartments for rent!

The house is flowing in the stifling air, memories have become silent, pain, but can't let a person to listen to the song melancholy serenade, lonely and quiet time rolls on computer writing poems, court rain was a picture, let the sun gradually clear. Forgetting is so difficult, even painful thoughts and intertwined, still do not believe that it is a dream, a memory imprint is engraved on my heartgarage storage systems......

Silent and dark night, a faint light in the window, open the eyes confused, if the blinking stars bewitch thoughts, happiness, review, fragments, like film playback in the past, time reversal, memory opened his eyes, the pupil is scattered more poems tingling, a nd the light Miss twist into pieces, suddenly found, lost yesterday but we want tomorrow, and time has not reversed, even meet has become the most luxurious and romantic dream.

Erakovic and Black made Carlsbad semis


New Zealand tennis No.1 Marina Erakovic and Zimbabwean partner Cara Black have scored an upset to make it through to the semi-finals of the Southern California Open in Carlsbadip networking HK.

The pair beat the second-seeded combination of American Liezel Huber and and Spaniard Nuria Llagostera Vives 6-4 3-6 12-10 in a 1hr 40min contestphone cover cases.

The win sets up a meeting with the No.3 seeds, Americans Raquel Kops-Jones and Abigail Spearsbeauty wigs.

So far this year, Erakovic and Black have reached the final of tournaments in Madrid, Strasbourg and Birmingham, and the French Open quarter-finals.

Spain's Marquez wins German MotoGP


Spanish rookie Marc Marquez earned his second win of the season with victory at the German MotoGP at Sachsenring on Sunday to go top of the championship standings.

The 20-year-old hit the front early and built up his lead to claim victory with Britain's Cal Crutchlow second and six-times world MotoGP champion Valentino Rossi third thailand real estate.

Marquez's winning time was 41min 14.653sec over the 30 laps with Crutchlow 1.559s back and Rossi coming home more than nine seconds further back.

With title leaders Dani Pedrosa and Jorge Lorenzo both absent after collarbone injuries, pole sitter Marquez lost ground at the start to find himself fourth by the first bend.

But he hit back, taking the lead from home hero Stefan Bradl along the main straight on the third lap.

Marquez, in his first MotoGP campaign, was following up his Grand Prix of the Americas victory in Texas in April. He has finished on the podium in all seven races he has finished in 2013, his retirement at the Italian MotoGP the only blot.

Victory allowed Marquez to overtake compatriot and Honda teammate Pedrosa, who was forced out after fracturing his collarbone in Saturday's practice, to go top of the world standings with 138 points - two clear of Pedrosa.

Reigning world champion Lorenzo was ruled out of the race on Friday, when he injured the same left collarbone he broke two weeks ago and underwent surgery on Saturday in Barcelona to reinsert a supporting plate.

"I'm happy, it's great to win, but you shouldn't forget that both Pedrosa and Lorenzo weren't here," said Marquez.

"I hadn't expected to control the race like that ."

Both Yahama Tech 3's Crutchlow and Rossi on the Yahama factory bike complained about losing grip on their rear tyres, but the British rider produced a brave performance after twice crashing in Friday's practice session.

"I was trying to catch him (Marquez). I had a good start, even though it might not have looked like it. I struggled a bit with the rear tyre," said Crutchlow who raced with an injured hand.

"I am pleased with the finish position we had here, having come off the floor twice on Friday.

"It's not been a great weekend and I admit I don't feel great."

Rossi, who picked up his first win for three years a fortnight ago in Assen, admitted he had hoped to finish higher.

"I am happy, but I had thought I'd do better," said the 34-year-old.

"I had a few problems with the rear tyres - we just have to keep working hard."

Embattled CSKA Sofia find new owners


Debt-ridden CSKA Sofia, one of Bulgaria's most popular football clubs, finally managed to find new owners to snatch it from the brink of insolvency on Wednesday, the club said machine made sequin embroidery.

"Today we signed an agreement to transfer the ownership of CSKA to the group 'Red Champions.' The club's shares were already deposed with the buyer," a statement on CSKA's website said.

The "Red Champions" initiative - comprising seven businessmen and keen CSKA fans who refused to be named - will take over all operations at the club as of Thursday, even though the deal still requires approval by Bulgaria's competition watchdog, the club added.

The new owners have said they will cover 10-11 million leva ($A7.1-$A7.9 million) - or about half - of CSKA's debts to its players and to the Bulgarian tax authorities.

The old owners Titan will take or write off the rest wine tasting.

The move rescues the club from the brink of insolvency after what media called the most dramatic episode in the 31-time Bulgarian champions' history.

Fans almost lost hope after Bulgarian and Barcelona legend Hristo Stoichkov said on Monday that he was quitting just over a month after taking over as coach, citing the former owners' "endless lies" that they would find money for the club.

Uncertainty over CSKA's fate less than two weeks before the start of the new season also prompted angry rallies by fans in Sofia and outside the headquarters of the Bulgarian Football Union in recent weeks.

CSKA has been hit by severe financial difficulties and frequent changes of coach in recent years and fans counted on Stoichkov to save the club.

A representative of the new owners, Aleksander Todorov, told state BNT television this week that ex-manager and crowd favourite Stoycho Mladenov had agreed to return as coach Asian college of knowledge management.

This would be the fourth stint at CSKA's helm for the 56-year-old, who has already led the side to two Bulgarian league titles, in 2003 and 2008.

カレンダー

11 2018/12 01
S M T W T F S
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31

フリーエリア

最新コメント

[12/24 fake necklace van cleef arpels]

プロフィール

HN:
No Name Ninja
性別:
非公開

バーコード

ブログ内検索

P R