By: PointPitt
Business Security / Computer Security / Information Security / ITS SafeTM Security / Uncategorized
Comments: No Comments
Here are just a few of the situations IT Security Solutions has encountered when performing an assessment.
All of the comments are focused on organizations with more than 2 computers in their network, a Firewall and Virus protection on each computer. If this describes your organization, then your business could be at serious risk
Attackers exploit the distribution of Social Media channels to connect and control tens of thousands daily. To the intruders, this is like shooting fish in a barrel.
The above was written before the Pandemic put all of us in a Work from Home effort.
Before the Pandemic, there was a definite definition of security protecting the organization. This was how the security of the organization looked. However, the security of organizations evaporated during the Pandemic, see the figure just below.
Even the VPNs that connect back to the Office, bypass the firewall and are permitted directly. Think about the security at your employees’ homes. Is there any wonder why the attacks are concentrating now at home?
The part that is missing above is the lack of screening from employees and the use of VPNs. The VPN is intended to Mask the communications from one endpoint to the other while connecting over the Internet. VPNs do not protect the connection or the business. The Firewalls permit the VPNs to connect internally and do not filter any information. You may expect that the VPN protects your business, but this is not the case.
The VPN permits direct communications to the office and repeats the same situation that was exposed during the Target breach. The Target breach permitted the infected computer of the HVAC Vendor to get access to the entire network, and the credit card information. That was a recipe for disaster.
How many of the above items can you relate to? Do you have the tools we describe above? Do you want to prevent the attacks on your computers, or allow the Intruders to continue to have access to your environment? (prevention is the cure).
Bonus
Your network has likely evolved beyond the initial PCs, and Printers. Many networks have added WiFi, personal Devices, and many other Internet of Things (IoT) devices which have no protects either.
Our personal devices (cell phones, tablets) are never off of the Internet, and we insure that they have sufficient power at all times. We are now so dependent on these devices, that we also allow Business Communications on them as well.
This presents the opportunity for attackers to engage in our want for information, as well as the convenience of connecting to everyone (including high value targets), to get the access and information that they are seeking.
The critical problem here is that you cannot stop, what you cannot see. We have the tools and experience to highlight the unseen activities, and stop the attackers before they can succeed.
_______________________________________
IT Security Solutions, Inc. is a Pittsburgh based technology company with 25+ years of cyber security domain expertise catering to businesses of all sizes. The solutions offered range from technology security audits and penetration testing to continuous network scanning. The company recently launched ITS Safe™, a proprietary managed security solution that blocks hackers from attacking networks – the largest IT security threat facing businesses today.
Year after the year, the Pittsburgh business community recognizes IT Security Solutions, Inc. for their domain expertise and thought leadership in the cyber security space.
Contact IT Security Solutions to discuss how you will benefit by reviewing your security today.
www.IT-Security-Solutions.com www.ITS-Safe.com
412-889-6870 – info@IT-Security-Solutions.com
By: PointPitt
Comments: No Comments
A shift in the security paradigm needs to address the Unseen attacks in the environment. Detecting the Unseen activities in the environment explains why there are so many attacks being reported on a daily basis. The unseen attacks depend on the ability of the attackers to hide in plain sight. We will outline several of them here to uncover the unseen activities within almost every network[1].
Figure 1 – Scope of security Testing
The image above describes the current state of Security Tools, Techniques and Practices. While the traditional tools and techniques are all point in time application of practices, we can also classify them as reactionary practices as well. Let’s examine the methods outlined above.
Security Assessments (review of security for a host, a network, software or other asset) are only valid up to the time the report is generated. As soon as the observer generates the report, the Assessment of the environment ends, and it becomes stale[2]. This is a point in time observation.
Today’s Security Tools look for tomorrow’s attacks. Tools that security researchers and network testing teams all use to assess the activities inside the network are based on testing for Known threats[1], and how the environment will respond to the next attack. These tools test the environment for detecting known threats[2] on potentially new attacks.
The ITS SafeTMsecurity appliance is designed to Detect, Defend against, and Destroy IntrudersTM. While other tools and testing activities look for the future state of security in the organization, the ITS Safe appliance examines all activities to uncover and detect unwanted connections that were completed before you began the observation of environment[3].
Everyday around the world, new activities are discovered in new and existing equipment, software, and third parties to organizations. Firewalls are breached[4], Vendors we use are hacked[5], software we create is breached[6] and app we use on our phones are backdoors for attackers as well[7].
A comprehensive review of the cyber security digs deeper than reviewing the exposed 10-20% of the network, and actually reviews the active network as a comprehensive ecosystem.
IT Security Solutions recommends at least an annual Security assessment to determine the security posture and formal detection of internal activities.
IT Security Solutions, Inc. is a Pittsburgh based technology company with 25+ years of cyber security domain expertise catering to businesses of all sizes. The solutions offered range from technology security audits and penetration testing to continuous network scanning. The company recently launched ITS Safe™, a proprietary managed security solution that blocks hackers from attacking networks – the largest IT security threat facing businesses today.
As you can see there is much more than meets the eye when it concerns the security within your network. Call IT Security Solutions today, and let us help you protect your organization today!
www.IT-Security-Solutions.com – www.ITS-Safe.com
412-889-6870
info@IT-Security-Solutions.com
https://its-safe.it-security-solutions.com/contact-me
[1] Known threats are used in Virus scanners, network scanning, software analysis, and logfile monitoring tools.
[2] Security Tools cannot test for unknown threats because these events are currently not known.
[3] Think of this as reviewing the activities that are already active, that are not detected as tomorrow’s threats, because they are considered as part of the current environment.
[4] https://www.zdnet.com/article/sonicwall-says-it-was-hacked-using-zero-days-in-its-own-products/
[5] https://www.wired.com/story/solarwinds-hack-china-usda/
[6] https://www.nytimes.com/2021/01/06/us/politics/russia-cyber-hack.html
[7] https://www.helpnetsecurity.com/2020/03/06/hackers-target-consumers/
[2] The Security Assessment becomes stale because the users in the network add additional threats from their use of the environment.
[1] Every network we have examined include several of these activities, if not all of them.
By: PointPitt
Comments: No Comments
In the News this week, RDA Conference & my conference at Duquesne emphasize comprehensive security for small businesses, PA is #2 for the worst in Cyber security, Georgia County pays $400K for Ransomware, New POS Malware, Citrix is hacked. Lastly, if you are not testing your security, guess who is.
Wow! What a busy week.
Connect with us:
Albert Whale – Albert.Whale@IT-Security-Solutions.com
Jim Loeffler – jaloeffler@getintune.com
The mission of the Risk Avengers podcast is to discuss current cyber security issues, procedures for protecting your business, as well as Compliance requirements for business owners.
Our 10 minute format is designed to make it easy for listeners to get up to date on the current People, Processes and Problems for your Business.
The show is Hosted by Albert Whale, Founder & CEO of IT Security Solutions, and Jim Loeffler, President of InTune Business Advisors.
Join us to discover the road for improved security and protecting your business, be it small or global.
The information discussed on this podcast is presented for informational purposes only. It is not intended as nor does it constitute specific information security or accounting advice and should not be acted upon as such.