Security is essential for a business. However, on the other hand, security is something we all wish would just happen by itself. We don’t want to spend much time adjusting settings or fixing problems. We just want our devices and data to be safe as if by magic. At least I do. And companies do not wish to appoint too many resources to the management of security, but wish to find a cost-efficient but still totally reliable way to handle security.
Since joining the company a few months back, I have had the pleasure to listen to many talented and extremely enthusiastic people talk about security – and the solutions related to it. In these months I think I have learned more about the security threats and how to prevent them than in all the years of my working life so far. One of the key learnings is that the foundation of security is to have the right tools for all levels of security.
Wouldn’t you want to stay on top of this all 24/7, but effortlessly? For that, you need a central, holistic security management tool. Without it, this can all be too hard and time-consuming and you would need a lot of resources to take care of the security issues.
Luckily, this can all be very easy with the right tool. F-Secure Policy Manager is a security management tool that lets you shift your security to autopilot. As Yoshito Sato from Green House company puts it: ”We do not have to worry if each computer is secure or not anymore”.
If you're in business, you have enemies -- and they're trying to get into your network. For-profit malware authors after baking information or files for extortion want in. Script-kiddies want in because mayhem is their game. And if you're large enough, criminals seeking data about your customers for espionage want in too. "For instance, if you're a law firm," F-Secure Labs Senior Researcher Jarno Niemelä said in a recent webinar, "your clients might be interesting." And it's not just the clients of lawyers, who may be "interesting". He noted companies that specialize in car rental, car leasing, cleaning and catering all have customers that are attractive targets for your enemies. In order for an attack to be successful, the attacker must first get information about his or her targets. And the worst part is we may be letting our enemies in. Here are the 5 most common methods that is done: 1. Email. Spam is designed to hit anyone and only needs to work a tiny fraction of the time. A spear phishing attack was designed to get you. 2. Hacked websites. Like a lion hiding in a savannah, the best attackers infect a website you're likely to visit -- naughty and not naughty -- and wait for you to become their prey. 3. Search Engine Poisoning. Criminals target a specific search term and tries to drive an infected site up the Google rankings. 4. Traffic Injection. These more advanced attacks hijack your traffic and send it to a router controlled by the enemy. Once you've become the victim of a man-in-the-middle attack any web site you visit could be infected just for you. 5. Social engineering. What your enemy lacks in technical savvy, s/he could make up with the ability to fool you. 6. Affiliate marketing. Some criminals -- and intelligence agencies -- simply buy their victims in bulk. Jarno calls it "the digital slave trade". Of course, these aren't the only ways into your network. Jarno also explained how offline attacks through external drives, for instance, can provide access. But these are the six most likely ways your enemies will find their way in your network. And you should have some idea what they're up to, since their success depends on your mistakes. Cheers, Sandra
This is the first in a series of posts about Cyber Defense that happened to real people in real life, costing very real money. A rainy, early spring day was slowly getting underway at a local council office in a small town in Western Poland. It was a morning like any other. Nobody there expected that this unremarkable day would see a series of events that would soon affect the entire community... Joanna Kaczmarek, a Senior Specialist in the council’s Accounting Department, rushed into her office a little late, but in a good mood nonetheless. Before getting down to work, she brewed herself a cup of coffee and played some music on her computer. Several days earlier, she had finally installed a music app on her PC so she could listen to her favourite tunes while she worked. This had taken some effort though, as she had needed administrator’s access to her computer. It took a lot of pleading and cajoling, but after a week the IT guy finally gave in. Joanna had no idea that she was opening a dangerous gap in the council’s IT system. That morning, Joanna launched, as she had countless times before, a government issued budget management application. With a few clicks, she made a transfer order for nearly twenty thousand zloty. The recipient of the money was a company that had won the contract for the renovation of a main road in the town. The whole operation took seconds. Two days later, the owner of the company phoned Joanna, asking about the advance he was supposed have received. “I can’t get the work started without that money”, he complained in an annoyed voice. Joanna was a little surprised and contacted the bank. The bank confirmed the operation, saying that there was nothing suspicious about it. Joanna, together with the Head of the IT Department, carefully ran back over the events of the day of the transfer. They found nothing out of the ordinary, so started checking what was happening on Joanna’s computer around the time before the transfer date. They soon found something: nearly a week prior to the date of the missing transfer, Joanna had received an email from the developer of the budget management software. For Joanna, the message hadn’t raised any red flags; the email contained a reminder about a software update and looked very legitimate. It contained the developer’s contact data, logo and telephone number. Everything was in order… Everything except for a change of one letter in the sender’s address. Joanna hadn’t noticed – a “t” and an “f” look so alike when you read quickly, don’t they? Unaware of the consequences, Joanna followed the link that was to take her to the update website. With just one click of her mouse she started a snowball of events that ultimately affected each and every resident of the town. Instead of the “update”, she downloaded dangerous spyware onto her computer. In this way, the cybercriminals who orchestrated the attack learnt that the woman was a Senior Specialist in the Accounting Department and was responsible for transferring money, including EU funds. The thieves lured Joanna into a digital trap, tricking her into installing software that replaced bank account numbers “on the fly”. As she was processing the transaction, the hackers replaced the recipient’s account details with their own, effectively stealing the money. Joanna would have been unable to install the fake update if she hadn’t obtained the administrator’s rights she’d needed for her music app. All she had wanted was to listen to some music while she worked. If only she had known what the consequences would be... After the attack was discovered, the Police launched an investigation. Joanna was just one of many victims. Investigators discovered that the malware infection was likely to have targeted computers used by local government workers in hundreds of municipalities across Poland. Law enforcement authorities haven’t officially disclosed how much money was stolen, but given the fact that losses may have been underreported, the estimated figures are in the millions of zlotys. On the top of that, Joanna’s town had to wait months for the completion of the roadwork. This was one of the largest mass cyber-attacks against local government in Poland. It certainly won’t be the last one... For small and medium sized enterprises, the average financial loss as the result of a cyber security incident is on average 380 000€. The risk and the lost is real. Don’t be an easy target. We help businesses avoid becoming an easy victim to cyber attacks by offering best in class end-point protection and security management solutions trusted by millions.
What smells so good? Could it be history? On Tuesday, F-Secure's corporate security team traveled to Dresden to pick up its fourth straight Best Protection award from AV-Test.org. We are now the only vendor in the history of the award to win the honor four years in a row. “Since 2011, F-Secure's security product has been a guarantee of high protection in corporate environments,” says Andreas Marx, CEO of AV-TEST. That's four years straight of the industry's best protection in a solution that provides the technology that's the basis for all of our security solutions. Success like this doesn't just mean we're good once in a while. It means we're the best every day, as the award goes to the solution that provides the most consistent protection throughout the year. We blocked 955 out of 958 real-world threats -- a 99.67 percent blocking rate -- and 112,059 out of 112,090 wide-spread malware with an astounding 99.97 percent blocking rate. That means we're about 2.67 - 2.97 percent above the industry standard. All this means if you don't use F-Secure, you could be exposing your business to thousands of more possible infections every month. You can compare these results to our competitors here. How do we do it? It's kind of like building the perfect sandwich. F-Secure Client Security layers antivirus on top of firewall on top of antispyware on top of rootkit scanning. We slather on the browsing protection to block dangerous websites. But it's not enough to block the threats we know about. That's where the secret sauce comes in. Our DeepGuard engine provides protection that reads criminals minds. As AV-Test's Andreas Marx said, “F-Secure is secure, innovative, and straightforward.” Excuse us. This is making me very hungry. We need to take a bite. Cheers, Sandra