Author - admin

1
SIDN, NBIP warn small businesses of increased risk of DDoS attacks
2
Data will be flowing through the retail systems this Black Friday
3
Universities seeing rise in DDoS attacks
4
Players affected as online game ‘Final Fantasy XIV’ hit by ‘unprecedented’ cyberattacks
5
30 years ago, the world’s first cyberattack set the stage for modern cybersecurity challenges
6
Server Configuration Is Top Healthcare Software Vulnerability
7
81.5M Voter Records For Sale On Dark Web Ahead Of Midterm Elections
8
Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University
9
How to secure your online business from cyber threats?
10
82% of security pros fear hackers using AI to attack their company

SIDN, NBIP warn small businesses of increased risk of DDoS attacks

Small and medium-sized businesses are much more at risk of DDoS attacks than many think, according to research by the Dutch domain registrar SIGN and the internet providers group NBIP. The two groups conducted research on the .nl websites affected by such attacks and the organisations affected. In total, 237 DDoS attacks were identified in the year to June 2018.

Web shops selling consumer goods such as clothes, cosmetics and garden equipment have a bigger chance of being hit by DDoS attacks, the research found. On average the resulting damage costs EUR 1.8 million.

A common cause is the use of shared hosting. To save costs, small online sellers often share a server with other websites. They are then affected if another site on the server is hit by an attack. The chance of collateral damage is 35 times higher in such a case.

The public sector and larger banks remain the most likely target of direct attacks. The study estimates the direct damage cost EUR 59.6 million, while collateral effects cost another EUR 10 million.

The damages are based on the 237 attacks identified and estimates for the consequences if the attacks succeeded. If no protective measures are taken, the total cost to society from DDoS attacks is estimated at EUR 1 billion per year.

Source: https://www.telecompaper.com/news/sidn-nbip-warn-small-businesses-of-increased-risk-of-ddos-attacks–1269808

Data will be flowing through the retail systems this Black Friday

Resellers that support the retail sector will be keeping a keen eye on how their customers react to the huge amounts of data that will be generated this coming weekend.

Resellers selling into the retail sector are about to go through one of the most stressful weeks of the year as their customers gear up for Black Friday.

With this weekend marking one of the main moments consumers spend big before Christmas the emphasis might be on getting the best deals but for those with an eye on the IT the next few days is going to be about data.

On the one hand that means making use of the data around offers and stock to ensure that customers get current information about what a retailer can offer.

“Last year Black Friday itself was worth a total of £2.5bn in sales to the UK economy. However, if retailers fail to stand out against the intense competition, Black Friday could well be a Bleak Friday for them,” said Chris Haines, director of consulting at Amplience.

“To make the most out of the week and the increasingly important Cyber Monday, retailers should be focusing on their digital content. Retail is steadily marching towards the web, and Black Friday this year will be fought out online and on mobile,” he added.

But it is also about ensuring that data is protected, particularly over some of the busiest days of the year.

“Thanks to the popularity of ecommerce sites and credit card payments, the Black Friday shopping season has become synonymous with a peak in credit card thefts, site spoofing and DDoS attacks. It’s as much an occasion for cyber criminals as it is for consumers looking for a bargain,” said Spencer Young, rvp EMEA at Imperva.

“Retailers must also take responsibility for investing time and effort in testing their security measures ahead of the season,” he added.

There are also dangers that some retailers will get caught out by different shopping patterns and Ajmal Mahmood, customer solution architect, KCOM, warned against wrongly interpreting the sales the go through the tills.

“Buying habits change during big sales events, with some consumers making more impulse purchases, some stocking up on discounted items and some simply shopping as usual. It’s prudent for retailers to isolate the data collected during sales events, to ensure that they don’t significantly affect their personalisation algorithms across the year,” he said.

Source: https://www.computerweekly.com/microscope/news/252452793/Data-will-be-flowing-through-the-retail-systems-this-Black-Friday

Universities seeing rise in DDoS attacks

Kaspersky Lab has noticed an overall decline in the number of DDoS attacks this year, which may be due to many bot owners reallocating the computing power of their bots to a more profitable and relatively safe way of making money: cryptocurrency mining.

However, there is still a risk of DDoS attacks causing disruption, despite attackers not seeking financial gain.

The Kaspersky Lab DDoS Q3 report marked a continued trend in attacks aimed at educational organisations, as they open their doors after a long summer and students head back to school.

Attackers were most active during the third quarter in August and September, proven by the number of DDoS attacks on educational institutions increasing sharply at the start of the academic year.

This year, the most prominent attacks hit the websites of one of the UK’s leading universities – the University of Edinburgh – and the US vendor Infinite Campus, which supports the parent portal for numerous city public schools.

Analysis from Kaspersky Lab experts has found that the majority of these DDoS attacks were carried out during term time and subsided during the holidays.

More or less the same result was obtained by the British organisation Jisc.

After collecting data about a series of attacks on universities, it determined that the number of attacks fell when students were on holiday.

The number of attacks also decreases outside of study hours, with DDoS interference in university resources mainly occurring between 9am and 4pm.

Overall, between July and September, DDoS botnets attacked targets in 82 countries.

China was once again first in terms of the number of attacks.

The US returned to second after losing its place in the top three to Hong Kong in Q2.

However, third place has now been occupied by Australia – the first time it’s reached such heights since Kaspersky Lab DDoS reports began.

There have also been changes in the top 10 countries with the highest number of active botnet C&C servers.

As in the previous quarter, the US remained in first place, but Russia moved up to second, while Greece came third.

Kaspersky DDoS protection business development manager Alexey Kiselev says, “The top priority of any cybercriminal activity is gain.

“However, that gain doesn’t necessarily have to be financial. The example of DDoS attacks on universities, schools and testing centres presumably demonstrates attempts by young people to annoy teachers, institutions or other students, or maybe just to postpone a test.

“At the same time, these attacks are often carried out without the use of botnets, which are, as a rule, only available to professional cybercriminals, who now seem to be more concerned with mining and conducting only well-paid attacks.

“This sort of ‘initiative’ shown by students and pupils would be amusing if it didn’t cause real problems for the attacked organisations which, in turn, have to prepare to defend themselves against such attacks,” Kiselev says.

Source: https://datacentrenews.eu/story/universities-seeing-rise-in-ddos-attacks

Players affected as online game ‘Final Fantasy XIV’ hit by ‘unprecedented’ cyberattacks

Servers for Square Enix Co.’s popular online game “Final Fantasy XIV” has been hit by a series of cyberattacks since early October, preventing some users from accessing the service, its publisher said Thursday.

The distributed denial of service (DDoS) attacks, in which multiple hacked computers are used to flood the target system, were carried out to an “unprecedented extent” against data centers in Japan, North America and Europe, Square Enix said.

The identities of the attackers are not yet known, although information security experts suspect links to cheap online services that carry out so-called DDoS attacks.

Two major attacks in early October and late October prevented game players from logging in to the service or cut off their connections for up to 20 hours, according to the company.

Square Enix has taken steps against the attacks but the servers were attacked again Tuesday night, disrupting the service for some 50 minutes.

“FFXIV” had previously been subjected to DDoS attacks. A study by a U.S. internet company has showed that some 80 percent of DDoS attacks worldwide are targeted at game services.

“The attacks may have been carried out by people who commit the offense for pleasure, hold a grudge against the company or seek money,” said Nobuhiro Tsuji, an information security expert.

“The attacks have extended over a long period, and, while it is costly, there is no choice but to boost countermeasures,” the expert at SoftBank Technology Corp. said.

In 2014, a high school student in Kumamoto Prefecture was found to have used an online DDoS attack service to disrupt a different game company’s operations after he became frustrated with the way the game services were managed. He was referred to prosecutors the same year.

Source: https://www.japantimes.co.jp/news/2018/11/01/business/tech/players-affected-online-game-final-fantasy-xiv-hit-unprecedented-cyberattacks/#.W9yKTuIpCUk

30 years ago, the world’s first cyberattack set the stage for modern cybersecurity challenges

Back in November 1988, Robert Tappan Morris, son of the famous cryptographer Robert Morris Sr., was a 20-something graduate student at Cornell who wanted to know how big the internet was – that is, how many devices were connected to it. So he wrote a program that would travel from computer to computer and ask each machine to send a signal back to a control server, which would keep count.

The program worked well – too well, in fact. Morris had known that if it traveled too fast there might be problems, but the limits he built in weren’t enough to keep the program from clogging up large sections of the internet, both copying itself to new machines and sending those pings back. When he realized what was happening, even his messages warning system administrators about the problem couldn’t get through.

His program became the first of a particular type of cyber attack called “distributed denial of service,” in which large numbers of internet-connected devices, including computers, webcams and other smart gadgets, are told to send lots of traffic to one particular address, overloading it with so much activity that either the system shuts down or its network connections are completely blocked.

As the chair of the integrated Indiana University Cybersecurity Program, I can report that these kinds of attacks are increasingly frequent today. In many ways, Morris’s program, known to history as the “Morris worm,” set the stage for the crucial, and potentially devastating, vulnerabilities in what I and others have called the coming “Internet of Everything.”

Unpacking the Morris worm

Worms and viruses are similar, but different in one key way: A virus needs an external command, from a user or a hacker, to run its program. A worm, by contrast, hits the ground running all on its own. For example, even if you never open your email program, a worm that gets onto your computer might email a copy of itself to everyone in your address book.

In an era when few people were concerned about malicious software and nobody had protective software installed, the Morris worm spread quickly. It took 72 hours for researchers at Purdue and Berkeley to halt the worm. In that time, it infected tens of thousands of systems – about 10 percent of the computers then on the internet. Cleaning up the infection cost hundreds or thousands of dollars for each affected machine.

In the clamor of media attention about this first event of its kind, confusion was rampant. Some reporters even asked whether people could catch the computer infection. Sadly, many journalists as a whole haven’t gotten much more knowledgeable on the topic in the intervening decades.

Morris wasn’t trying to destroy the internet, but the worm’s widespread effects resulted in him being prosecuted under the then-new Computer Fraud and Abuse Act. He was sentenced to three years of probation and a roughly US$10,000 fine. In the late 1990s, though, he became a dot-com millionaire – and is now a professor at MIT.

Rising threats

The internet remains subject to much more frequent – and more crippling – DDoS attacks. With more than 20 billion devices of all types, from refrigerators and cars to fitness trackers, connected to the internet, and millions more being connected weekly, the number of security flaws and vulnerabilities is exploding.

In October 2016, a DDoS attack using thousands of hijacked webcams – often used for security or baby monitors – shut down access to a number of important internet services along the eastern U.S. seaboard. That event was the culmination of a series of increasingly damaging attacks using a botnet, or a network of compromised devices, which was controlled by software called Mirai. Today’s internet is much larger, but not much more secure, than the internet of 1988.

Some things have actually gotten worse. Figuring out who is behind particular attacks is not as easy as waiting for that person to get worried and send out apology notes and warnings, as Morris did in 1988. In some cases – the ones big enough to merit full investigations – it’s possible to identify the culprits. A trio of college students was ultimately found to have created Mirai to gain advantages when playing the “Minecraft” computer game.

Fighting DDoS attacks

But technological tools are not enough, and neither are laws and regulations about online activity – including the law under which Morris was charged. The dozens of state and federal cybercrime statutes on the books have not yet seemed to reduce the overall number or severity of attacks, in part because of the global nature of the problem.

There are some efforts underway in Congress to allow attack victims in some cases to engage in active defense measures – a notion that comes with a number of downsides, including the risk of escalation – and to require better security for internet-connected devices. But passage is far from assured

There is cause for hope, though. In the wake of the Morris worm, Carnegie Mellon University established the world’s first Cyber Emergency Response Team, which has been replicated in the federal government and around the world. Some policymakers are talking about establishing a national cybersecurity safety board, to investigate digital weaknesses and issue recommendations, much as the National Transportation Safety Board does with airplane disasters.

More organizations are also taking preventative action, adopting best practices in cybersecurity as they build their systems, rather than waiting for a problem to happen and trying to clean up afterward. If more organizations considered cybersecurity as an important element of corporate social responsibility, they – and their staff, customers and business partners – would be safer.

In “3001: The Final Odyssey,” science fiction author Arthur C. Clarke envisioned a future where humanity sealed the worst of its weapons in a vault on the moon – which included room for the most malignant computer viruses ever created. Before the next iteration of the Morris worm or Mirai does untold damage to the modern information society, it is up to everyone – governments, companies and individuals alike – to set up rules and programs that support widespread cybersecurity, without waiting another 30 years.

Source:http://theconversation.com/30-years-ago-the-worlds-first-cyberattack-set-the-stage-for-modern-cybersecurity-challenges-105449

Server Configuration Is Top Healthcare Software Vulnerability

Server configuration is the top healthcare software vulnerability, followed by information leakage and cryptographic issues, according to Veracode’s State of Software Security (SOSS) study.

Other top vulnerabilities for healthcare include faulty deployment considerations, cross-site scripting holes, credentials management issues, and code quality.

“The highly regulated healthcare industry got high marks in many of this year’s SOSS metrics,” the report noted.

Healthcare scored highest on percentage of applications passing the OWASP Top 10 guidelines, considered a measure of industry best practices for software security. A full 55.3 percent of healthcare apps passed the OWASP test, compared to 27.7 percent of applications for all industries, based on scans conducted by Veracode.

“Flaw persistence analysis shows that when looking at all found vulnerabilities, this industry is statistically closing the window on app risk more quickly than any other sector,” the report concluded.

The report offered four key takeaways for security professionals, app developers, and business executives from its analysis of software security across industries.

First, the faster organizations close software vulnerabilities, the less risk applications pose over time.

Second, organizations need to prioritize which software security flaws to fix first, given the sheer volume of open software flaws. “While many organizations are doing a good job prioritizing by flaw severity, data this year shows that they’re not effectively considering other risk factors such as the criticality of the application or exploitability of flaws,” the report noted.

Third, DevSecOps has a positive effect on software security. The more often an organization scans software per year, the faster security fixes are made. “The frequent, incremental changes brought forth by DevSecOps makes it possible for these teams to fix flaws lightning fast compared to the traditional dev team,” it noted.

Fourth, organizations are still struggling with vulnerable open source components in their software. “As organizations tackle bug-ridden components, they should consider not just the open flaws within libraries and frameworks, but also how those components are being used,” the report observed.

A major software security concern for healthcare organizations is securing application programming interfaces (APIs). The June 2018 HIMSS Healthcare and Cross-sector Cybersecurity Report warned that hackers will be exploiting APIs more to gain access to healthcare organizations and stealing sensitive data.

API attack vectors include man in the middle attacks, session cookie tampering, and distributed denial of service (DDoS) attacks, the report noted.

To address the risks that unsecured APIs pose for healthcare, the American Hospital Association (AHA) recommended that stakeholders in the mobile healthcare environment develop a secure app ecosystem for sharing health data.

“To ensure a robust, secure set of tools for individuals to engage with hospitals and health systems via apps, stakeholders will need to work together to build an app ecosystem that is based on a rigorous and continuous vetting process that takes into account evolving risks. This could be done in the public sector, through certification, or through a public-private partnership,” AHA said.

AHA cited the example of the Payment Card Industry Data Security Standard (PCI DSS), which is an industry-developed standard that includes security requirements companies must adhere to if they want to process credit and debit cards.

The federal government should also develop a consumer education program to make it clear that commercial providers of health apps may not be subject to the HIPAA Privacy Rule, according to the association.

“Commercial app companies generally are not HIPAA-covered entities. Therefore, when information flows from a hospital’s information system to an app, it likely no longer will be protected by HIPAA,” said AHA.

“Most individuals will not be aware of this change and may be surprised when commercial app companies share their sensitive health information obtained from a hospital, such as diagnoses, medications or test results, in ways that are not allowed by HIPAA,” the association noted.

Source: https://healthitsecurity.com/news/server-configuration-is-top-healthcare-software-vulnerability

81.5M Voter Records For Sale On Dark Web Ahead Of Midterm Elections

The quarterly incident response (IR) threat report from Carbon Black isn’t usually such an exciting read, aggregating as it does data from across a number of partners in order to provide actionable intelligence for business leaders. The latest report, published today, is a politically charged exception. Not only does it reveal that nation-state politically motivated cyberattacks are on the up, with China and Russia responsible for 41.4% of all the reported attacks, but that voter databases from Alabama to Washington (and 18 others) are for sale on the dark web. These databases cover 21 states in all, with records for 81,534,624 voters that include voter IDs, names and addresses, phone numbers and citizenship status. Tom Kellerman, Carbon Black’s chief cybersecurity officer, describes the nation-state attackers as not “just committing simple burglary or even home invasion, they’re arsonists.” Nobody relishes their house burning down, even figuratively speaking. Which is why, according to another newly published report, this time from Unisys, suggests one in five voters may stay at home during the midterms as they fear their votes won’t count if systems suffer a cyberattack.

Amongst the key findings of the Carbon Black report, however, is the fact that China and Russia were responsible for 41.4% of the investigated attacks analyzed by researchers. The two also lead the pack when it comes to which countries incident response teams are seeing cyberattacks originating from. China was top of the table on 68% with Russia second on 59%. While the continent of North America (the report does not contain statistics that break this down to attacks from the United States alone) was third on 49%$, Iran, North Korea and Brazil were next in line. Earlier this year, Venafi surveyed security professionals with regards to election infrastructure risk. That research revealed that 81% of them thought threat actors will target election data as it is transmitted by voting machines. Worryingly, only 2% were ‘very confident’ in the capability of local, state and federal government to detect such attacks and only 3% thought the same about their abilities to block those attacks.

It’s just as well, then, that it has been reported the United States Cyber Command has now started what is believed to be the first cyber-operation to protect against election interference from Russia. “The attack surface in the US is incredibly broad and fragmented making security highly challenging” says Simon Staffell, head of public affairs at Nominet, who continues “but the response that has taken place in the US is also of an entirely different magnitude to anything seen before.” Yet this response does not appear to target Chinese threat actors. Some may find this omission a surprise, considering that Vice President Pence stated earlier this month that “what the Russians are doing pales in comparison to what China is doing across this country” and suggested that China wants to turn Trump voters against the administration.

Fraser Kyne, EMEA CTO at Bromium, would not be amongst the surprised though. He tells me that Bromium researchers have been working with Dr Mike McGuire to look into the impact of fake news on the US midterms. Early indications appear to suggest accusations against China are most likely unfounded. “Whilst China is funding local campaigns like the advertising taken out in US newspapers to promote US-Chinese trade” Kyne says “there is little evidence at the moment to suggest China is attempting to subvert democracy and influence the midterm elections.”

Meanwhile, some 68% of respondents to the Carbon Black report, representing a cross-section of some of the leading cybersecurity professionals across the globe, believe that cyberattacks will influence the midterms. This isn’t any kind of surprise when you take in the amount of election hacking and meddling resources that those same researchers found to be on sale through the dark web. These range from the aforementioned voter databases, through to social media election influence kits to target thousands of Instagram, Facebook, Twitter and YouTube accounts as well as the services of freelance hackers for hire who are offering to target government entities “for the purposes of database manipulation, economic/corporate espionage, DDoS attacks and botnet rentals.”

So, what kind of cyberattacks can we expect to see from state-sponsored actors as far as the midterms are concerned? Tony Richards, group CISO at Falanx Group, expects there will be some minor and likely not state sanctioned hacking attempts on electronic voting machines. “The fallout if a nation state was identified as the perpetrator would be considerable” Richards told me “so this would have to be a deniable operation.” It would also have to be done by someone with physical access to the voting machines in order to exploit many of the vulnerabilities that have been identified by researchers. “Voting machines are not usually connected to the Internet” explains Rafael Amado, senior strategy and research analyst at Digital Shadows, which means “the ability for attackers to tamper with voting ballots and results is greatly hindered.”

Some go as far as suggesting that to take the hacking concern out of the equation, elections should look back rather than forwards. The ‘right’ solution, according to Ryan Kalember, senior vice-president, Cybersecurity Strategy at Proofpoint, is paper. “An election system can be extremely resilient to fraud if there are paper records for registration and the votes themselves” Kalember insists, agreeing that this “may seem anti-modern, but is where we find ourselves in 2018.” Other cybersecurity experts suggest that the focus, when it comes to mitigating risk of interference in the midterm elections, simply needs to extend beyond voter registration and voting machine security altogether. “It’s important to take a look at the entire digital voting system” says Cindy Provin, CEO at Thales eSecurity, “how citizens register, how they find their polling places, how they check in, how they cast their ballots and how they find out who won.” This is an argument that is also made by Joseph Carson, chief security scientist & advisory CISO with Thycotic, who told me that the biggest challenge is that cybersecurity is only taken seriously in the voting infrastructure “when it is lacking in candidate campaigns, leaving the US open to serious cyber influence from foreign nation states.”

Maybe the notion of cyberattacks during the election process itself is something of a red-herring altogether? Especially given that there is such a global media appetite for Russian meddling stories, which will surely lead to this being such a high risk maneuver that it’s unlikely to be executed in any meaningful way. “The main effort will likely be in attempting to generate genuine conversations with organizations and individuals that have influence over a significant audience” says James Monckton, strategic communications director at Verbalisation, who thinks that the ‘influencing the influencers’ approach would be a highly effective method with a low level of attribution risk. The idea of shaping the debate by amplifying a particular viewpoint isn’t new news, but it is the most obvious meddling methodology we will see. Or rather, not see. “In the long term, it spreads mistrust as it becomes harder to distinguish the true from the fake” concludes Emily Orton, co-founder and director at Darktrace, “and has profound effects on democratic societies…”

One thing is for sure, according to Michael O’Malley, vice president of marketing with Radware, and that’s the threat of election interference will continue unabated until the US moves from the current fragmented state-by-state model to a nationwide election system. “We need a one person one vote approach and the US must make the necessary security upgrades to prevent voter fraud, foreign influence campaigns and hacking of our election infrastructure” O’Malley insists, warning that “Federal legislation needs to be introduced to make this happen…”

Source: https://www.forbes.com/sites/daveywinder/2018/10/30/81-5m-voter-records-for-sale-on-dark-web-ahead-of-midterm-elections/#1dca850f2a0c

Man Ordered to Pay $8.6 Million for Launching DDoS Attacks against Rutgers University

A New Jersey man received a court order to pay $8.6 million for launching a series of distributed denial-of-service (DDoS) attacks against Rutgers University.

On October 26, the U.S. Attorney’s Office for the District of New Jersey announced the sentence handed down by U.S. District Judge Michael Shipp to Paras Jha, 22, of Fanwood, New Jersey.

According to court documents, Jha targeted Rutgers University with a series of DDoS attacks between November 2014 and September 2016. The attacks took down the education institution’s central authentication server that maintains the gateway portal used by staff, faculty and students. In so doing, the DDoS campaigns disrupted students’ and faculty members’ ability to exchange assignments and assessments.

The FBI assisted Rutgers in its investigation of the attacks. In August 2015, the university also hired three security firms to test its network for vulnerabilities.

Jha’s criminal efforts online didn’t stop at Rutgers. In the summer and fall of 2016, Jha created the Mirai botnet with Josiah White, 21, of Washington, Pennsylvania and Dalton Norman, 22, of Metairie, Louisiana. The trio spent the next few months infecting more than 100,000 web-connected devices. They then abused that botnet to commit advertising fraud.

In December 2017, the three individuals pleaded guilty in the District of Alaska for conspiring to violate the Computer Fraud & Abuse Act by operating the Mirai botnet. It was less than a year later that a federal court in Alaska ordered the men to serve five-year probation periods, complete 2,500 hours of community service, pay restitution in the amount of $127,000 and voluntarily relinquish cryptocurrency seized by law enforcement during an investigation of their crimes.

Judge Shipp passed down his sentence to Jha within a Trenton federal court. As part of that decision, Jha must serve six months of home incarceration, complete five years of supervised release and perform 2,500 hours of community service for violating the Computer Fraud & Abuse Act.

Source: https://www.tripwire.com/state-of-security/security-data-protection/man-ordered-to-pay-8-6-million-for-launching-ddos-attacks-against-rutgers-university/

How to secure your online business from cyber threats?

Ecommerce revenue worldwide amounts to more than 1.7 trillion US dollars, in the year 2018 alone. And the growth is expected to increase furthermore.

However, with growth comes new challenges. One such problem is cybersecurity. In 2017, there were more than 88 million attacks on eCommerce businesses. And a significant portion includes small businesses.

Moreover, online businesses take a lot of days to recover from the attacks. Some businesses completely shut down due to the aftermath of the security breaches.

So, if you are a small business, it is essential to ensure the safety and security of your eCommerce site. Else, the risks pose a potential threat to your online business.

Here we discuss some basics to ensure proper security to your eCommerce site.

Add an SSL certificate

An SSL Certificate ensures that the browser displays a green padlock or in a way shows to the site visitors that they are safe; and that their data is protected with encryption during the transmission.

To enable or enforce an SSL certificate on your site, you should enable HTTPS—secured version of HyperText Transfer Protocol (HTTP)—across your website.

In general, HTTP is the protocol web browsers use to display web pages.

So, HTTPS and SSL certificates work hand in hand. Moreover, one is useless without the other.

However, you have to buy an SSL certificate that suits your needs. Buying a wrong SSL certificate would do no good for you.

Several types of SSL certificates are available based on the functionality, validation type, and features.

Some common SSL certificates based on the type of verification required are:

  1. Domain Validation SSL Certificate: This SSL certificate is issued after validating the ownership of the domain name.
  2. Organization Validation SSL Certificate: This SSL certificate additionally requires you to verify your business organization. The added benefit is it gives the site visitors or users some more confidence. Moreover, small online businesses should ideally opt for this type of SSL certificate.
  3. Extended Validation SSL Certificate: Well, this type of SSL certificate requires you to undergo more rigorous checks. But when someone visits your website, the address bar in the browser displays your brand name. It indicates users that you’re thoroughly vetted and highly trustworthy.

Here are some SSL certificate types based on the features and functionality.

  1. Single Domain SSL Certificate: This SSL certificate can be used with one and only one domain name.
  2. Wildcard SSL Certificate: This SSL certificate covers the primary and all the associated subdomains.
    Every subdomain along with the primary domain example.com will be covered under a single wildcard SSL certificate.
  3. Multi-Domain SSL Certificate: One single SSL certificate can cover multiple primary domains. The maximum number of domains covered depends on the SSL certificate vendor your purchase the certificate from. Typically, a Multi-Domain SSL Certificate can support up to 200 domain names.

Nowadays, making your business site secure with SSL certificate is a must. Otherwise, Google will punish you. Yes, Google ranks sites with HTTPS better than sites using no security.

However, if you are processing online payments on your site, then SSL security is essential. Otherwise, bad actors will misuse your customer information such as credit card details, eventually leading to identity theft and fraudulent activities.

Use a firewall

In general, a firewall monitors incoming and outgoing traffic on your servers, and it helps you to block certain types of traffic—which may pose a threat—from interacting or compromising your website servers.

Firewalls are available in both virtual and physical variants. And it depends on the type of environment you have in order to go with a specific firewall type.

Many eCommerce sites use something called a Web Application Firewall (WAF).

On top of a typical network firewall, a WAF gives more security to a business site. And it can safeguard your website from various types of known security attacks.

So, putting up a basic firewall is essential. Moreover, using a Web Application Firewall (WAF) is really up to the complexity of the website or application you have put up.

Protect your site from DDoS attacks

A type of attack used to bring your site down by sending huge amounts of traffic is nothing but denial-of-service-attack. In this attack, your site will be bombarded with spam requests in a volume that your website can’t handle. And the site eventually goes down, putting a service disruption to the normal/legitimate users.

However, it is easy to identify a denial-of-service-request, because too many requests come from only one source. And by blocking that source using a Firewall, you can defend your business site.

However, hackers have become smart and highly intelligent. They usually compromise various servers or user computers across the globe. And using those compromised sources, hackers will send massive amounts of requests. This type of advanced denial-of-service attack is known as distributed-denial-of-service-attack. Or simply put a DDoS attack.

When your site is attacked using DDoS, a common Firewall is not enough; because a firewall can only defend you from bad or malicious requests. But in DDoS, all requests can be good by the definition of the Firewall, but they overwhelm your website servers.

Some advanced Web Application Firewalls (WAF) can help you mitigate the risks of DDoS attacks.

Also, Internet Service Providers (ISPs) can detect them and stop the attacks from hitting your website servers. So, contact your ISP and get help from them on how they can protect your site from DDoS attacks.

If you need a fast and straightforward way to secure your website from distributed-denial-of-service attacks, services like Cloud Secure from Webscale Networks is a great option.

In the end, it is better to have strategies in place to mitigate DDoS attacks. Otherwise, your business site may go down and can damage your reputation—which is quite crucial in the eCommerce world.

Get malware protection

A Malware is a computer program that can infect your website and can do malicious activities on your servers.

If your site is affected by Malware, there are a number of dangers your site can run into. Or, the user data stored on your servers might get compromised.

So, scanning your website regularly for malware detection is essential. Symantec Corporation provides malware scanning and removal tools. These tools can help your site stay safe from various kinds of malware.

Encrypt data

If you are storing any user or business related data, it is best to store the data in encrypted form, on your servers.

If the data is not encrypted, and when there is a data breach, a hacker can easily use the data—which may include confidential information like credit card details, social security number, etc. But when the data is encrypted, it is much hard to misuse as the hacker needs to gain access to the decryption key.

However, you can use a tokenization system. In which, the sensitive information is replaced with a non-sensitive data called token.

When tokenization implemented, it renders the stolen data useless. Because the hacker cannot access the Tokenization system, which is the only component that can give access to sensitive information. Anyhow, your tokenization system should be implemented and isolated properly.

Use strong passwords

Use strong passwords that are at least 15 character length for your sites’ admin logins. And when you are remotely accessing your servers, use SSH key-based logins wherever possible. SSH key-based logins are proven to be more secure than password-based logins.

Not only you, urge your site users and customers to use strong password combinations. Moreover, remind them to change their password frequently. Plus, notify them about any phishing scams happening on your online business name.

For example, bad actors might send emails to your customers giving lucrative offers. And when a user clicks on the email, he will be redirected to a site that looks like yours, but it is a phishing site. And when payment details are entered, the bad actor takes advantage and commits fraudulent activities with the stolen payment info.

So, it is important to notify your user base about phishing scams and make your customers knowledgeable about cybersecurity.

Avoid public Wi-Fi networks

When you are working on your business site or logging into your servers, avoid public wifi networks. Often, these networks are poorly maintained on the security front. And they can become potential holes for password leaks.

However, public wifi networks can be speedy. So, when you cannot avoid using a public wifi network, use VPN services like ProtonVPN, CyberGhost VPN, TunnelBear VPN, etc, to mitigate the potential risks.

Keep your software update

To run an online business, you have to use various software components, from server OS to application middleware and frameworks.

Ensure that all these components are kept up to date timely and apply the patches as soon as they are available. Often these patches include performance improvements and security updates.

Some business owners might feel that this is a tedious process. But remember, one successful cyber attack has the potential to push you out of business for several days, if not entirely.

Conclusion

In this 21st century, web technology is growing and changing rapidly. So do the hackers from the IT underworld.

The steps mentioned above are necessary. But we cannot guarantee that they are sufficient. Moreover, each business case is different. You always have to keep yourself up to date. And it would help if you took care of your online business security from time to time. Failing which can make your business site a victim of cyber attacks.

Source: https://londonlovesbusiness.com/how-to-secure-your-online-business-from-cyber-threats/

82% of security pros fear hackers using AI to attack their company

Artificial intelligence (AI) is poised to impact every industry in the near future—including the lucrative business of malicious hacking and the cybersecurity industry working to defend against those attacks.

Enterprise IT and security professionals recognize AI’s potential in cybersecurity, according to a new report from Neustar: 87% of the 301 senior technology and security workers surveyed agreed that AI will make a difference in their company’s defenses. However, 82% said they are also afraid of attackers using AI against their company, the report found.

In a cyberattack, IT and security professionals said they most fear stolen company data (50%), loss of customer trust (19%), unstable business performance (16%), and the cost implications (16%).

Despite the risks, 59% of security pros said they remain apprehensive about adopting AI for security purposes, the report found.

“Artificial intelligence has been a major topic of discussion in recent times – with good reason,” Rodney Joffe, head of the the Neustar International Security Council and Neustar senior vice president and fellow, said in a press release. “There is immense opportunity available, but as we’ve seen today with this data, we’re at a crossroads. Organizations know the benefits, but they are also aware that today’s attackers have unique capabilities to cause destruction with that same technology. As a result, they’ve come to a point where they’re unsure if AI is a friend or foe.”

In terms of threats, security professionals said they were most concerned about DDoS attacks (22%), system compromise (20%), and ransomware (15%). Nearly half of organizations surveyed (46%) said they had been on the receiving end of a DDoS attack in Q3 2018, a higher proportion than in years past, the report found.

“What we do know is that IT leaders are confident in AI’s ability to make a significant difference in their defenses,” Joffe said in the release. “So what’s needed now is for security teams to prioritize education around AI, not only to ensure that the most efficient security strategies have been implemented, but to give organizations the opportunity to embrace – and not fear – this technology.”

The big takeaways for tech leaders:

  • 82% of security professionals said they are afraid of attackers using AI in cyberattacks against their company. — Neustar, 2018
  • Security professionals said they were most concerned about DDoS attacks (22%), system compromise (20%), and ransomware (15%). — Neustar, 2018

Source:https://www.techrepublic.com/article/82-of-security-pros-fear-hackers-using-ai-to-attack-their-company/

Copyright © 2014. DoS Protection UK. All Rights Reserved. Website Developed by: 6folds Marketing Inc. | Demo Test