Managing security is neither hard nor time consuming

Security is essential for a business. However, on the other hand, security is something we all wish would just happen by itself. We don’t want to spend much time adjusting settings or fixing problems. We just want our devices and data to be safe as if by magic. At least I do. And companies do not wish to appoint too many resources to the management of security, but wish to find a cost-efficient but still totally reliable way to handle security.

Since joining the company a few months back, I have had the pleasure to listen to many talented and extremely enthusiastic people talk about security – and the solutions related to it. In these months I think I have learned more about the security threats and how to prevent them than in all the years of my working life so far.  One of the key learnings is that the foundation of security is to have the right tools for all levels of security.

Image

  • End-point protection protects you from internet threats. According to F-Secure Threat Report H2/2012, the most common way to get hit by malware is browsing the web.
  • Server protection keeps your content safe from spam, malware and other threats. Protecting servers certainly doesn’t sound like a hot topic, but talking to our product managers, it actually is something much more interesting than you would first think.
  • Email protection safeguards your communication. Even though email no longer is the number one target for attacks, due to its frequent and wide use, email protection is still as relevant as ever. Talking to one of our sales engineers just the other day, I was shown some stunning examples of how reliable and trustworthy spam mail can actually look like! Forget about the typical “Click here for this unbelievable one-time offer” type of obvious attempts… – Spam today is much more sophisticated.
  • Web filtering protects your identity and reputation. The Threat Report additionally states that some types of hosting sites are favored by criminals and recently, dynamic DNS providers have been the fastest growing target for malware hosting. 87% of the domains supported by one of the top 3 dynamic DNS providers hosted malicious content. Think – 87%! Cannot be very good for the DNS provider’s reputation…

Wouldn’t you want to stay on top of this all 24/7, but effortlessly? For that, you need a central, holistic security management tool. Without it, this can all be too hard and time-consuming and you would need a lot of resources to take care of the security issues.

Luckily, this can all be very easy with the right tool. F-Secure Policy Manager is a security management tool that lets you shift your security to autopilot. As Yoshito Sato from Green House company puts it: ”We do not have to worry if each computer is secure or not anymore”.

Cheers, Eija

More posts from this topic

Cyber Security Base

Want to become a Cyber Security Expert?

Cyber security is becoming a huge industry. After all, the data breaches, cyber espionage, and ransomware infections you read about the news are hardly good things. Companies are now making big investments in putting a stop to these problems. That means jobs. And cyber security jobs are generally pretty good. One recent study points out that cyber security jobs pay almost 10% more than other IT positions. And because more companies are hiring more cyber security specialists, and because the cyber security industry is expanding rapidly, it’s a good time to start thinking about getting into the field. Cyber Security Base with F-Secure is a course series created by F-Secure and the University of Helsinki. The series aims to get potential cyber security experts into the workforce by giving them the basic training they need for entry-level cyber security positions. The course series, conducted through the University of Helsinki’s MOOC, is open to the general public as well as existing IT students. The material will be taught in English and can be completed entirely online, making it useful for people all over the globe. There are no formal prerequisites required for enrollment. However, a basic understanding of coding, how the internet works, and internet security are necessary to understand the course content. Participants can expect to learn about the following topics: Building secure software systems Using tools to analyze flaws in software EU legislation relevant to cyber security Performing risk and threat assessments on existing systems The course series is well suited to people with an active interest in information technology, students currently pursuing a computer science degree, or current IT professionals interested in specializing in cyber security. Participants that perform well and complete the series will have the skills necessary to work as junior consultants in the cyber security industry. Cyber Security Base with F-Secure begins on October 25th, 2016. Anyone interested in the course series can sign up here for updates and other news.

September 11, 2016
BY 
ransomware gangs, cybercrime unicorn

Could Criminals Make A Billion Dollars With Ransomware?

Bitcoin has not only changed the economics of cybercrime by providing crooks with an encrypted, nearly anonymous payment system autonomous from any central bank. It's also changed researchers' ability to track how much money criminals are making. "Bitcoin is based on Blockchain, and Blockchain is a public ledger of transactions. So all Bitcoin transactions are public," explains Mikko Hyppönen, F-Secure's Chief Research Officer. "Now, you don’t know who is who. But we can see money moving around, and we can see the amounts." Every victim of Ransomware -- malware that encrypts files and demands a payment for their release -- is given a unique wallet to transfer money into. Once paid, some ransomware gangs move the bitcoins to a central wallet. "We've been monitoring some of those wallets," Mikko says. "And we see Bitcoins worth millions and millions. We see a lot of money." Watching crooks rake in so much money, tax-free, got him thinking: "I began to wonder if there are in fact cybercrime unicorns." A cybercrime unicorn? (View this as a PDF) A tech unicorn is a privately held tech company valued at more than a billion dollars. Think Uber, AirBNB or Spotify -- only without the investors, the overhead and oversight. (Though the scam is so profitable that some gangs actually have customer service operations that could rival a small startup.) "Can we use this comparison model to cybercrime gangs?" Mikko asks. "We probably can’t." It's simply too hard to cash out. Investors in Uber have people literally begging to buy their stakes in the company. Ransomware gangs, however, have to continually imagine ways to turn their Bitcoin into currency. "They buy prepaid cards and then they sell these cards on Ebay and Craigslist," he says. "A lot of those gangs also use online casinos to launder the money." But even that's not so easy, even if the goal is to sit down at a online table and attempt to lose all your money to another member of your gang. "If you lose large amounts of money you will get banned. So the gangs started using bots that played realistically and still lose – but not as obviously." Law enforcement is well aware of extremely alluring economics of this threat. In 2015, the FBI’s Internet Crime Complaint Center received "2,453 complaints identified as Ransomware with losses of over $1.6 million." In 2016, hardly has a month gone by without a high-profile case like Hollywood Presbyterian Medical Center paying 40 Bitcoin, about $17,000 USD at the time, to recover its files. And these are just the cases we're hearing about. The scam is so effective that it seemed that the FBI was recommending that victims actually pay the ransom. But it turned out their answer was actually more nuanced. "The official answer is the FBI does not advise on whether or not people should pay," Sean Sullivan, F-Secure Security Advisor, writes. "But if victims haven’t taken precautions… then paying is the only remaining alternative to recover files." What sort of precautions? For Mikko, the answer obvious. "Backups. If you get hit you restore yesterday’s backup and carry on working. It could be more cumbersome if it’s not just one workstation, if your whole network gets hit. But of course you should always have good, up to date, offline backups. And 'offline' is the key!" What's also obvious is that too few people are prepared when Ransomware hits. Barring any disruptions to the Bitcoin market, F-Secure Labs predicts this threat will likely persist, with even more targeted efforts designed to elicit even greater sums.  If you end up in an unfortunate situation when your files are held hostage, remember that you're dealing with someone who thinks of cybercrime as a business. So you can always try to negotiate. What else do you have to lose?

August 24, 2016
BY 
NanHaiShu_blogpost_image

Hadn’t We Figured the Whole Email Attachment Thing Out?

  F-Secure Labs recently released an analysis of the NanHaiShu Remote Access Trojan, which they believe was used to target "government and private-sector organizations that were directly or indirectly involved in the international territorial dispute centering on the South China Sea." So what does it look like when you're hit with a cyber attack that may involve some of the most powerful nations on earth? This: Pretty harmless, right? But click on that attachment and you've invited hackers -- possibly even attackers backed by a nation-state -- into your network. An attachment owning fools in 2016? The first piece of internet security advice you ever heard was probably, "Don't click on attachments you weren't expecting!"So who'd click on that?! Employees at prestigious international law firms, government agencies and possibly even the world's most powerful political parties. So how is this happening? Maybe it's a lesson that doesn't sink in, no matter how many times you've heard it. Or maybe cyber criminals have just gotten so good at tricking us with them that, like so many old threats, it's new again. Give that this method of infection is being used by attackers at the highest levels of cyber espionage, we have to assume the latter. Where attackers used to send mass emails out with infected attachments hoping to infect just a small percentage of the recipients, these new attacks utilize "spearphishing" techniques. "These are communications that appear legitimate — often made to look like they came from a colleague or someone trusted — but that contain links or attachments that when clicked on deploy malicious software that enables a hacker to gain access to a computer," The Washington Post explained. These emails are carefully crafted or "socially engineered" to seem relevant. Often, as in the case above, they play on our greatest desires, such as money in the form or salary or bonus information. One big reason attackers have gotten so much better at targeting us is that so many of us have decided to make details about our lives public via social media. This is why hackers love your LinkedIn profile. So should you scrub your profile and hide in a time capsule to avoid these attacks? You should definitely be mindful that strangers know more about you than ever and be wary of of strange email that seems overly eager to get you to click on a link or attachment. But these threats are so pervasive and potentially harmful, that they need to be addressed at an organizational level. Our Labs team put together a Threat Intelligence Brief with several recommendations for avoiding RATs like NanHaiShu, including disabling the opening of email file attachments sent from unverified sources as an enforced policy for all installed email programs. That way, you're unlikely to be the weak link that attackers are always looking for.  

August 11, 2016
BY