Lately we’ve been talking about the new generation of hackers and the malware they employ. These new hackers have opened up a more sophisticated Pandora’s Box of new cyber-threat and cyber-crime possibilities. Today the majority of attacks are designed to identify and to get valuable information such as sensitive personal information, intellectual property, authentication credentials and insider information.
Fortunately, the leading information security and network security providers are constantly developing new approaches and alliances to keep these ne’er do wells at bay.
Recently, FireMon and Qualys have teamed up to provide customers with enhanced analysis tools for their network by integrating QualysGuard Vulnerability Management into FireMon’s Security Manager with Risk Analyzer.
With this new integration “security organizations can now automate the real-time identification of assets that are truly at risk within their networks, and prioritize their remediation efforts to reduce the greatest amount of risk with the least amount of effort”. This also “provides customers with the most comprehensive and real-time solution to identifying exactly what assets on their network are truly at risk and which they should remediate first to reduce the greatest amount of risk”.
Just last week FireMon announced a new security and risk management leader. FireMon named “Albert Nieves to the position of Vice President of Federal Sales”. With over 20 years of professional industry sales experience, he will “focus primarily on the federal civilian, Department of Defense and intelligence markets”. Konsultek would like to congratulate him on the promotion and we look forward to tapping his experience and expertise as we continue to identify ways to serve this market even better.
Our expert engineers have the training and tools to allow them to assess your network’s vulnerability. Don’t fall into the trap of throwing good money after bad. Find out where you stand today and build a security road map to where you need to be. We offer an entire range of vulnerability assessments from information only assessments to full blown penetration testing and formal reporting.
If you are interested in learning more about your network’s vulnerability, please give us a call to begin a dialogue.
It is amazing how far we have come over the last ten years alone, when looking at technology. Wireless internet was not mainstream just 5 years ago and today it is everywhere. We now take mobile broadband with 4G speeds for granted. Unfortunately, for those on the seedier side of technology, all of these improvements in access and speed have opened up a treasure trove of new hacking and cyber-crime possibilities.
Fortunately, two of the biggest and most forward-looking network security companies recently joined forces to stop these attacks before they start.
According to a recent announcement from ForeScout, ForeScout and FireEye have teamed up to take down real-time “persistent threats”. FireEye’s most recent Advanced Threat Report documents that “on average, a malware event occurs at a single organization once every three minutes, and the number of infections per company has nearly quadrupled since last year”. In many cases the malware at the root of these intrusions is so “new or has morphed to such an extent that conventional signature-based protection is unavailable”. This makes these types of “zero day attacks” particularly difficult to defend against. What is even worse is that “the host-based defenses that should be on every system connecting to a corporate network are in many cases outdated, corrupt or non-existent” so by the time their system catches on, the damage has already been done.
FireEye plans to use their proven “APIs and standards-based Threat Intelligence Metadata to address the network visibility, endpoint validation and enforcement options needed by today’s organizations to automate key cyber security workflows”, while ForeScout will use their CounterACT technology, a “real-time security platform that delivers complete visibility and automated control for all devices, users, systems and applications attempting to connect to an enterprise network – wired or wireless, managed or unmanaged, PC or mobile”.
For more than 2 years we have been combining the synergistic capabilities of ForeScout and FireEye for clients with some of the most demanding security requirements.
KNACMAN, Konsultek’s managed service solution for NAC is built upon the same CounterACT platform that many highly secure organizations such as the EOUSA use and can be put into service for your organization as well.
Imagine all of the benefits of ForeScout’s CounterACT with the ease, convenience and financing flexibility of a managed service. Now add the heightened level of security that FireEye provides and you have the building blocks of a very secure network.
Please call us today to discuss how KNACMAN can ease the pain of securing your organization’s network.
Hacking has grown up a lot in the past few years. But, unlike an awkward teen who blossoms into a productive member of society, today’s hackers have matured into more malevolent individuals and organizations. In years gone by malware was designed for disruption and mischief. Today the majority of attacks are designed to identify and extract valuable information assets such as sensitive personal information, intellectual property, authentication credentials and insider information.
As reported in The Wall Street Journal, FireEye recently released their latest Advanced Threat Report. The report provides a current overview of the advanced threat landscape including the evolving tactics of advanced persistent threats (APTs) and a detailed look at a major malware campaign targeting the aerospace and defense industry known as Operation Beebus.
FireEye, which estimates that a malware attack occurs on average once every three minutes, counts actions such as receiving “booby-trapped email file attachments, as well as actions taken by malware already installed, such as ‘calling home’ to command-and-control servers managed by attackers”.
FireEye’s cloud-based solution allows threats to be harmlessly “detonated” in a secure environment before they ever are allowed into your network. FireEye’s solution is much more proactive than traditional firewall technologies.
An arrest related to the largest cyber attack in history was made in Spain last Friday. The attack appears to have had as its goal to disable Spamhaus, which is a non-profit organization that creates real-time blacklists of spam-related networks and operations for many big-time agencies. Spamhaus also works with law enforcement to take down spam gangs and coordinates with cyber lobbyists for spam legislation. Spamhaus is described as dependable, reliable and one of the world’s largest anti-spamming organizations, which apparently is what drew the cross-hairs of this attack upon them.
According to the International Business Times, a Dutchman named Sven Olaf Kamphuis was arrested in Barcelona and is “affiliated with Stophaus, a group whose goal it is to shut down the anti-spam Spamhaus operation”. This distributed denial of service, or DDoS, attack was carried out towards the end of March and was named “the largest attack in internet history”. However, “while the attack was substantially larger than anything seen before at 300Gbps, its potential to ‘break the internet’ has been discredited widely”.
Experts estimate the Spamhaus network “which works to create a real-time blacklist of servers they believe are used to send out spam email”, “are directly or indirectly responsible for filtering out as much as 80 percent of daily spam messages”. Reportedly, Spamhaus is so firmly entrenched in the daily war against email spam that when a lawsuit in 2011 threatened to shut them down “doing so risked breaking the email infrastructure as we know it.”
In past posts we have highlighted how the government is getting more involved in cyber threat prevention with The House’s cyber security initiative and Obama’s new initiative for cyber threats. With more and more government authorities backing these plans, it is clear that cyber threat and cyber-crime prevention are finally getting the attention and resources they deserve.
This week Konsultek was honored to have Tim Hearl from the FBI at our Lunch and Learn event. He shared first hand the Bureau’s strategic realignment to address one of our nation’s greatest threats - the cyber threat to our national security from intrusions into both government and private computer networks.
If you were not fortunate enough to squeeze into this limited seating event, please continue to check our homepage for upcoming events as we hope to have Agent Hearl back for a second session.
Cyber threats have flourished over the last 15 years and matured along the way. Threats that looked more like high school pranks have matured into full-fledged criminal activity that in aggregate cost their victims billions each year.
In the United States and across the globe the prevalence of social media and other forms of online interconnectedness have made privacy something of a privilege and that makes hacking a lot easier to do. Service providers handling your most important and private functions such as banks are making all their services electronic to drive costs down and convenience up. Unfortunately, this also multiplies the number of times and ways your personal information can be compromised.
According to Federal Times, the House has passed a bill that “would require agencies to continuously monitor their networks for cyber threats and report any attacks to a central incident center”. This would update the information security law passed in 2000, which would hold executive leaders accountable for their cyber security. Since these reviews of federal IT systems are done annually, “the administration is nudging agencies to increase security reviews of their networks using automated tools and to report their security capabilities and shortcomings to the Department of Homeland Security”.
1. Implement security programs approved by Office of Management and Budget.
2. Mitigate risks associated with security incidents before substantial damage is done, and notify their inspector general and the designated government incident center.
3. Give their chief information officer authority and primary responsibility for developing, implementing and overseeing agency-wide information security programs.
Konsultek, the FBI and Sourcefire are holding a Lunch and Learn titled “The FBIs Next Generation Cyber Threat Initiative”. Seating is limited so please sign up early. You will not want to miss this opportunity to hear directly from the FBI on the matters of cyber threat mitigation.
In the world of higher education IT security is a top priority. With tens of thousands of students and hundreds of faculty, a large university faces the same security challenges as the largest corporations.
It should therefore come as no surprise to anyone that the IT solutions chosen by colleges and universities are similar to those used by the most technically advanced corporations. Network Access Control is a great example.
Consider the challenges represented by the mobility of traditional students, commuting students and online students. Monitoring and controlling access for a user group of such diversity would have been extremely expensive and difficult just a decade ago. But times have changed…
According to MarketWatch, New York Law School has recently adopted ForeScout’s CounterACT network access control to secure their university. Reportedly “NYLS found CounterACT easy to administer and deploy, while its lightweight agent was trouble-free for its 1,500 students and 200 faculty members”.
The university IT staff found that they “gained full visibility and control of all devices on the network; the means to easily monitor, control, and inventory systems while allowing for flexible enforcement; and the ability to thwart zero-day threats”.
BYOD Integration
As for the new BYOD trend, the team will “soon institute an executive trial utilizing ForeScout MDM, a cloud-based, mobile device lifecycle management solution that complements ForeScout network access control capabilities”. Forescout is the recognized leader in all things network access control related, taking the leadership position in Gartner’s 2012 Magic Quadrant for network access control.
Frost & Sullivan “has acclaimed the company as the largest independent NAC vendor and one that is growing the fastest in the market”.
Still, CounterACT can be more capital and resource intensive to deploy than some organizations are prepared to invest. That is where KNACMAN shines.
Konsultek can help!
KNACMAN, Konsultek’s managed service solution for NAC is built upon the same CounterACT platform that many highly secure organizations such as the EOUSA use and can be put into use for your organization as well.
Imagine all of the benefits of ForeScout’s CounterACT with the ease, convenience and financing flexibility of a managed service. Please call us today to discuss how KNACMAN can ease the pain of securing your organization’s network.
In today’s world it seems that almost everywhere you turn someone is using a smartphone, an iPad or some other mobile device. You could blame Apple or the late Steve Jobs for the introduction of the full, not watered-down internet to mobile devices; however, one could argue that it was Blackberry that really primed the pump and got the whole mobile revolution going. Either way, it was Jobs who found a way to market Apple devices worldwide and set the stage for the smartphone and tablet ubiquity we are seeing today. And that of course is what is driving the BYOD movement corporate IT is struggling to control.
According to FierceMobileIT, “BYOD is spurring a resurgence in the network access control market”. This is coming from a study which predicts that “the NAC market will increase at a 22 percent compound annual growth rate, reaching over $1 billion by 2017”. The big three that own 70% of this market are ForeScout, Juniper Networks and Cisco, and with this technology they can “determine if a user and/or device should be able to gain access to a corporate network.” “NAC brings together endpoint security technology, user authentication and network security enforcement”.
Mike Tilkian, VP of Business Development at Konsultek, notes: “At Konsultek we prefer Forescout’s CounterACT NAC solution. It is a robust, easily scaled platform that is proven to work well in organizations who are implementing BYOD. Our KNACMAN, NAC as a Managed Service offering bundles all of the CounterACT platform’s benefits into a rapidly deployable and cost effective turn-key solution.”
BYOD has proven to be a huge security risk for corporations over the last couple of years, and with ever-changing security trends it can be very difficult to keep up.
We Can Help!
BYOD is a top priority at Konsultek and we ensure you get the same level of security and control in your mobile device suite that you apply to laptops and desktops. This includes the ability to identify, tag, and assign policies to both employee- and business-owned smartphones and tablets.
Interested? Please give us a call today.
Security is definitely not the first thing that pops up in a person’s head when someone mentions the latest trends. Sure, the headlines are grabbed by business trends, fashion trends and diet trends, but that doesn’t mean that there aren’t trends in the world of network security!
This year at the RSA Conference F5Networks conducted a trend survey of attendees directly involved in IT security. They found that “organizations are struggling to keep pace with the changing face of security.”
The results of this survey show that organizations are just not prepared for cyber attacks and other malicious malware. Reportedly, “security trends such as virtualization (73%), BYOD (66%), and the complexity of attack types (72%) have the greatest impact on securing today’s organizations”. That is not all; the survey also reported that “nearly half of respondents admit that traditional safeguards are less than adequate in protecting against threats related to these trends” and amongst the trends respondents said that “the shift from data center focused infrastructure to cloud-based infrastructure” is the most insecure.
Head over to the F5 site to see the full survey results: RSA Security Trend Survey
While you’re over there you might want to check out F5’s White Paper on BYOD 2.0.
Whether you are a fan or not, BYOD is here to stay, and it is transforming the way enterprise IT looks at mobility. BYOD can potentially provide your organization with significant cost savings and a productivity boost, but it is fraught with risk if not handled correctly.
Here at Konsultek we find that by applying solutions from F5, ForeScout and MaaS360 we can provide BYOD solutions that meet even the most demanding situations.
If you are interested in beginning a dialogue on your BYOD situation, please give us a call.
If I had told you thirteen years ago that cyber threats would soon become a national administrative issue you’d have probably had a good chuckle and never given it a second thought!
No one could’ve predicted just how pervasive cyber crime would become. Today, everyone from the 23-year-old college grad whose laptop gets hacked to the First Lady of the United States whose credit report gets hacked and published online seems to be vulnerable. Although security protection has become more sophisticated and complex, the viruses, Trojans and other malware have gotten smarter, more sophisticated and more able to creep into corporate and government network systems.
Recently, President Obama spoke about this issue in a meeting before corporate leaders and raised some eyebrows in concern that the US is engaged in an “electronic war” with China. He said that “You always have to be careful with war analogies, there’s a big difference between them engaging in cyber espionage or cyber attacks and, obviously, a hot war”. He confirmed that “we have seen a steady ramping up of cyber security threats” and that regarding China’s threats “some are state sponsored and some are criminals”. He has also stated that “We’ve made it very clear to China and some other state actors that, you know, we expect them to follow international norms and abide by international rules.” Obama reminded those assembled that “cyber attacks can cost billions of dollars, lead to stolen industry secrets, and place the United States at a competitive disadvantage”.
When President Obama later met with CEOs at the White House he solicited their input on how the government and private sector can together improve “U.S. security for the Internet, online databases and more.” We now know that this meeting came after the First Lady’s credit report showed up online, adding emphasis to the subject at hand.
Education can be a good first step. Keeping up with the latest security technologies, and educating personnel about new security threats can be difficult for organizations of all sizes and industries.
Fortunately, we here at Konsultek offer training on a wide variety of security and network topics. A great example is the role we serve as a ForeScout Certified Training Center. We routinely train participants from around the globe on the intricacies of ForeScout’s CounterACT system.
If you are interested in honing your skills, check out our upcoming training events and as always, please give us a call to begin a dialogue.
It seems that anywhere and everywhere you turn another major website or social media account is getting hacked. Last week we reported that Burger King’s Twitter account was hacked. The hackers changed Burger King’s account to make it appear that Burger King had been acquired by their “arch” rivals McDonalds. Even though Twitter hacks can cause panic attacks for the branding and social media departments, for the most part they can be recovered from quickly and without significant damage.
In stark contrast, one of the more serious hacks to have taken place recently, Project Blitzkrieg, has gained attention for hacking into US bank accounts with the expressed intent of stealing hard assets from investment banks. If successful, the recovery of these assets may take much longer if recovery is even possible.
According to Cnet, McAfee’s fourth quarter 2012 threat reports find that “the number of trojans designed to steal passwords rose 72 percent last quarter” and while that is enough to raise some eyebrows McAfee also says “some of these trojans are part of customized threats, while others are packaged with more off-the-shelf forms of malware”. Reportedly, the Citadel Trojan was specifically engineered to target the financial service sector.
As we see traditional malware rise in the wired world, we are also seeing a rise in mobile malware as the number of “mobile malware samples discovered by McAfee last year was 44 times the number found in 2011”. Most notably “Android-based malware samples jumped by 85 percent in the fourth quarter”, according to McAfee.
While it would be nice to wake up one morning and find that malware is no longer being developed and spread, we recommend that you take a more proactive approach to protecting your network!
NAC, firewalls and cloud based threat prevention when combined with skill and understanding can help secure networks, prevent breaches and avoid costly data loss.
Interested in learning more? Please give us a call so we can begin a dialogue.