21 January 2022

IT security

The convergence of physical and IT security

“The age of IoT and AI means that physical and IT security are no longer separate domains. Instead, everything is connected, and you need to converge your security leadership, teams, capabilities, and technologies to navigate the evolving risk landscape,” said Fred Streefland, Director of Cybersecurity and Privacy at Hikvision EMEA. Until recently, physical and cybersecurity domains were separate from one another. Security teams, access control systems, and CCTV systems were used to physically secure buildings – from data centers to factories and warehouses. And IT teams looked after IT and network security with firewalls, anti-virus software, and data encryption technologies. But as organisations have forged ahead on their digital transformation journeys, innovative technologies such as IoT and AI have blurred the lines between physical security and cybersecurity: a trend that’s set to continue long term. Why IoT is increasing your physical and IT ‘attack surface’ When thinking about your overall security strategy, consider that your security cameras and other security infrastructure are now ‘IoT devices’ that are connected to the network. This gives criminals and hackers a much larger ‘attack surface’ for their activities, with multiple ways into your organisation. For example, hacking or otherwise accessing a network-connected camera or other device can allow criminals to override physical security controls and enter restricted areas or buildings. Equally, hackers who can breach IoT devices on the network may be able to disrupt critical systems, steal data, install ransomware, or otherwise compromise your company’s operations. Physical break-ins also pose major cybersecurity risks Equally, criminals who manage to circumvent your physical security infrastructure can also gain access to IT equipment and systems housed in restricted buildings. This means they can extend the impact of their localised attack across the length and breadth of your network, causing untold damage and disruption in the process. This is especially the case where server rooms are left open or unlocked within a building. The mission-criticality of the network, and the sensitive data stored in connected systems, means that much stronger security is needed for these kinds of facilities to ensure they are never accessed, even if intruders breach your building defenses. Here are some examples of how physical threat vectors can compromise digital security: – An infected USB drive is planted in a parking lot, lobby, etc., which an employee picks up and loads onto the corporate network. – An attacker breaks into a server room and installs a rogue device that captures confidential data. – An attacker pretends to be an employee and counts on a real employee’s courtesy to hold the door for him as they enter together. – An inside actor looks over the shoulder of a system engineer as they type administrative credentials into a system. The most well-known example of an attack on physical systems followed by an attack of IT systems is the hack on the retail giant Target in 2013. The attackers used an HVAC vendor’s credentials to compromise the network and ultimately the point of sale (POS) systems of this company. The attackers ‘entered’ the company via the Heating, Ventilation & Air Conditioning (HVAC) systems and managed to compromise several millions of credit cards of Target customers, which caused the resignation of the CIO and CEO of Target.   Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

The convergence of physical and IT security Read More »

Cybereason

Cybereason new ‘Pay As You Grow’ program

Cybereason, the XDR company, has announced it has launched a ‘Pay as you Grow’ program (PAYG) for Managed Security Services Providers (MSSPs), which provides the company’s most trusted partners and solution providers with financial flexibility to increase their margins and profitability. The PAYG program is available for Elite and Premier Cybereason MSSP partners and offers several tiers designed to help them grow their business, depending on the goals of their business today and where it is going tomorrow. The program is designed to increase partner flexibility through a monthly billing model based on the number of endpoint sensors in use as opposed to annual subscriptions. “Participating partners in Cybereason’s Pay as you Grow program benefit from a billing process that allows them to buy like they sell, in a monthly fee based on usage, enabling them to increase profits as they grow their business,” said Stephan Tallent, Vice President, MSSP, Cybereason. “Additional advantages include a seamless tracking and billing model that creates an opportunity for MSSPs to support and secure customers of all sizes, without high contractual obligations to Cybereason.” The PAYG program also creates a competitive advantage for MSSP partners, including: Reduced barriers to entry for MSSPs looking to sell Cybereason solutions A viable migration option for partners using competitor PAYG programs A simplified licensing model and incentives for partners to accelerate the growth of their Cybereason business Access to dedicated support resources “Elite and Premier partners will benefit from the new PAYG program, and joining Cybereason in the collective effort to end cyberattacks against our joint customers will force adversaries to move on in search of easier targets,” added Tallent. Cybereason is the XDR company, partnering with Defenders to end attacks at the endpoint, in the cloud and across the entire enterprise ecosystem. Only the AI-driven Cybereason XDR Platform provides planetary scale data ingestion, operation-centric detection and predictive response that is undefeated against modern ransomware and advanced attack techniques. The Cybereason MalOp engine instantly delivers context-rich attack intelligence across every affected device, user and system with unparalleled speed and accuracy. Cybereason is a privately held international company headquartered in Boston with customers in more than 40 countries.   Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Cybereason new ‘Pay As You Grow’ program Read More »

Helixeon

Helixeon entrusts VIVOTEK security solutions

On the campuses of educational facilities and houses of worship, extensive security measures have unfortunately become a necessity. As such, James River Church was looking to upgrade their security solution. The church’s past security camera system was utilising multiple PTZ cameras, which were failing to capture entire areas of the property, which allows for criminal action. Because of these gaps in coverage, James River Church now needed to integrate camera coverage both indoors and out, in low-light and hard to see areas of the campus. Challenges in the project were related to not only being able to see all areas of the campus, but also in having the ability to count empty seats in the indoor auditorium, as well as to be able to track individuals when necessary. Helixeon chose VIVOTEK and a total of 34 of its indoor and outdoor security solutions to solve James River Church’s previous security solution issues. In the interior hallways and some rooms, 15 VIVOTEK FD9189-HT-v2 are now utilised because if its great picture and remote focus abilities. The FD9189-v2 series is a H.265 indoor dome network camera equipped with a 5-Megapixel sensor, enabling resolution of 2560×1920 at 30 fps. Featuring VIVOTEK SNV and WDR Pro technology, the FD9189-v2 series is capable of capturing high-quality imagery in both high-contrast and low-light environments. It offers two lens options for different user scenarios: fixed-focal and remote focus lenses. The camera is equipped with IR illuminators with a 30-meter effective range for better night visibility. Ten MS9390-HV dual 4-megapixel wide-angle lens design cameras have been integrated for both indoor and outdoor use along main travel areas. Unlike most traditional multi-sensor panoramic cameras which rely on four sensors, the MS9390-HV multi-sensor dome camera is also equipped with SNV (Supreme Night Visibility), WDR Pro technology, 180 degree IR illuminators effective up to 20 meters, and delivers full resolution imagery at 30 fps (frames per second), making it the ideal camera to provide excellent panoramic image quality for both day and night surveillance indoors or out. Additionally, with its unique dual-sensor design, the MS9390-HV is equipped with a video alignment feature, providing users both a detailed and yet seamless 180-degree panoramic view and a higher vertical field of view. This enables greater coverage not only on the horizontal, but also on the vertical plane, capturing an even greater field of view below the point of camera installation. To further help secure the outside of the campus, five FD9389-v2 series H.265 dome network cameras equipped with a 5-Megapixel sensor enabling resolution of 2560 x1920 at 30 fps, are now being used. Featuring VIVOTEK SNV and WDR Pro technology, the FD9389-v2 series is capable of capturing high-quality imagery in both high contrast and low light environments. The FD9389-v2 series offers two lens options, fixed-focal and remote focus lens for different user scenarios. The camera is equipped with IR illuminators with a 30-meter effective range for better night visibility.   Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Helixeon entrusts VIVOTEK security solutions Read More »

Acronis

The Ocean Race teams up with Acronis

Acronis, a global provider in cyber protection with dual headquarters in Schaffhausen, Switzerland and Singapore, will be the Official Cyber Protection Partner of the iconic ​​round-the-world sailing competition, The Ocean Race. The partnership will be supported by Ingram Micro, a global distributor of innovative technology products and services, as the Official #CyberFit Partner, inline with the Acronis #TeamUp Program. “Acronis is proud to support The Ocean Race, who are committed to sustainable operations in all aspects of the Race. Sports teams use Acronis Cyber Protect to optimise cybersecurity operations and make cyber protection more efficient,” said Jan Jaap Jager, Acronis CRO and Board Advisor. Rik Roukens, Technology Director of The Ocean Race said “Technology and innovation are at the heart of what we do at The Ocean Race, and this has enabled us to continuously push the boundaries on how our sport is delivered to fans and partners worldwide for nearly 50 years. With Acronis joining us as Official Cyber Protection Partner, we can continue to push those boundaries with the assurance of best-in-class data protection and disaster recovery systems.” The Ocean Race, a fully-crewed, around the world yacht race, is widely regarded as the toughest test of a team in sport, taking competitors to some of the most remote parts of the ocean in the world, with a race route that features seven stages and visits nine iconic international cities. “Protection plays a key role in The Ocean Race, whether through keeping our sailors safe at sea or through striving to protect our ocean through science and learning initiatives. With Acronis, protection of our technology infrastructure as we travel around the world is now a key priority and focus as well,” explained Roukens. Acronis maintains a wide portfolio of sports partnerships across the global sports landscape, including motorsport, football, baseball, and sailing. The Ocean Race will benefit from the extensive experience Acronis has in delivering innovative solutions for world-class sporting organisations. Managed service providers (MSPs) are invited to review the Acronis #TeamUp Program and support elite sports teams in their area. Jan Jaap Jager, Acronis CRO and Board Advisor said “The Ocean Race is the toughest test of a team in sport – as the longest and hardest professional sailing event in the world, where the team must come together to battle mother nature, at its finest. Just as cyber protection requires an integrated and constantly evolving solution to provide superior protection in today’s turbulent cyber world. That is why we are very excited to welcome Ingram and the Ocean Race as our latest Acronis #CyberFit MSP and sport partner.” Ingram Micro Cloud is a UK-based cloud growth enabler of technology solutions. As the Official #Cyberfit Partner, Ingram Micro Cloud guides businesses in realising the potential of Acronis’ solutions, delivering a full spectrum of products and services around the world. With deep expertise in cybersecurity, IaaS, SaaS and Modern Workplace, Ingram Micro Cloud empowers partners to operate efficiently and securely in the markets they serve. Ovi Gherghel, Director Cloud & Cyber Security for UK and Ireland said “Much like The Ocean Race, cybersecurity can feel like a journey of discovery, navigating uncertain and choppy waters to cross the finish line. We’re proud to be teaming up with Acronis and The Ocean Race to ensure our active global partner community is equipped with the very best protection solutions on the market. We look forward to a successful and sustainable partnership and wish all the competitors a safe journey in 2022.”   Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

The Ocean Race teams up with Acronis Read More »

public cloud

Data stolen using public cloud infrastructure

Dirk Schrader, Global VP of Security at Netwrix has provided the following comment outlining how this malware works, who is in danger, detection tips as well as preventative measures. “An ongoing malware campaign recently documented by Cisco’s Talos Group, abuses the public cloud infrastructures of the likes of Amazon’s AWS and Microsoft’s Azure cloud services. This ‘activity’ means that threat actors are moving towards a fully dynamic attack infrastructure with the intention to circumvent initial distribution and access detection in ways unseen so far. Cybersecurity professionals are calling for Microsoft and Amazon to step up protections from misused public cloud instances in their possession. This could only slow down the attackers as they will turn to hijacked infrastructure. Attackers distributing malware using phishing emails with malicious attachments is nothing new. Once the attachment in the phishing email is opened, the second stage of a malware campaign is to ‘get in’. “While previous campaigns have been successfully thwarted at this stage, this one comes with a couple of new tricks. First of all, usage of a public cloud instances makes it difficult to dissect the malicious traffic from legitimate IP traffic to those cloud providers and solution providers using them. Moreover, this time the attackers also run a dynamic domain name scheme that is designed to render DNS based filters useless. “Almost every organisation is at risk of being targeted by this kind of campaign, even if the one analysed by Talos seems to focus on North America, Singapore and Italy. It might be just a question of the wording and language used in the phishing emails being more successful in the affected regions. As the usual prevention methods are diminished with this campaign, organisations need to improve their abilities to detect the activity of attacker that happen in the third stage of a malware attack: ‘get ready’. “Talos’ analysis describes in detail the methods used to connect to the cloud instances and download additional resources from them. That resource, known as remote access trojan, RATs, namely NanoCore, NetWire or AsyncRAT is downloaded using Powershell commands, which marks the first detection point to keep an eye on. Any use of Powershell by a regular user should be monitored, if not disabled by group policy security settings. If such activity is detected, an organisation can execute on pre-defined remediation steps like roll backs or it can quarantine the affected system to prevent further spread. Should that not be in place, the following downloads and change in registry setting related to those RAT malware strains can be detected using a file integrity monitoring solution. “This campaign also shows an initial confirmation of one of our team’s highlighted cyber security trends for 2022 that attackers will use hijacked infrastructure like unmanaged devices in home networks, being much easier to infect with malicious software than a professionally secured enterprise IT environment. With processing power and bandwidth connectivity in residences increasing, home networks will become more attractive to bad actors. For example, by infecting many devices, they will be able to change IP addresses or even domain names dynamically during malware campaigns, thwarting common defences like IP blocking and DNS filtering. IT teams should keep this new threat vector in mind when reviewing their security strategies and incident response plans as described above. Moreover, the IT industry should seek to increase user awareness and best practices adoption to reduce the number of ‘easy victims’.”   Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

Data stolen using public cloud infrastructure Read More »

Nimans

IDIS distribution deal with Nimans

Nimans, a UK-based independent technology distributor, has confirmed a new distribution agreement with IDIS,  a South Korean video security technology provider and one of Europe’s fastest growing manufacturers. The deal will support Nimans’ customers with rapid in-stock availability of complete, end-to-end video solutions for applications including retail, education, commercial settings, healthcare and more. The fast growth in demand for IDIS’s NDAA-compliant video technology means its solutions are now providing highly secure but affordable protection in settings ranging from the NHS, data centres, and corporate offices to housing estates, schools and retail chains. IDIS’s extensive DirectIP range includes network cameras, NVRs and network accessories backed by extended warranties against equipment failure – an industry-best guarantee of support and protection – and offers installers the advantages of true plug-and-play set up that make implementation faster, with assured compatibility and full system functionality first time. IDIS offers a choice of video management software including the licence-free IDIS Centre VMS for applications up to 1,024 devices, and the IDIS Solutions Suite VMS which provides the most flexible and powerful foundation for large and multi-site monitoring operations. IDIS is also at the forefront of developing advanced, deep-learning video analytics to help users automate surveillance tasks – from object and loitering detection to people counting and building occupancy monitoring. Utlising these highly-accurate AI-powered features, empowers security operatives to strenthen safety and security, reduce operating costs, and increase business intelligence. Camilla Kirkham, Head of Nimans Security & AV division commented, “We are delighted to offer the IDIS unique range of DirectIP and NDAA-compliant products to our customers. Our appointment as an IDIS distributor further enhances Nimans commitment to bringing leading technology to our large customer base.” Jamie Barnfield, Senior Sales Director, IDIS Europe, welcomed the partnership with Nimans: “With demand continuing to grow for end-to-end solutions, including for emerging deep-learning analytics, this agreement will make it easy for Nimans’ customers to deliver advanced video projects and compete for major contracts using IDIS’s proven and trusted technology.” IDIS is a global security company that designs, develops, manufactures, and delivers surveillance solutions for a wide range of commercial and public sector markets. As a video surveillance manufacturer in South Korea, headquartered just outside of Seoul and operating across 50 countries and 100+ strategic partners, IDIS is a world-leading total solution provider with more than two million recorders installed worldwide and over 16.5 million cameras utilizing IDIS technology.   Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitybuyer.com

IDIS distribution deal with Nimans Read More »

Scroll to Top