26.5.16

Software's ARIS community reaches 400,000 members


Software AG has just reached an important milestone: its ARIS Community now exceeds 400,000 members. ARIS Community is the largest BPM (Business Process Management) community in the world and supports its members in collaboration, participation and information sharing.

“A successful online community offers interesting content and a user experience that keeps people coming back,” explains Dr Wolfram Jost, Chief Technology Officer at Software AG. “ARIS Community is a success because it provides BPM information for both beginner and experienced users. We offer both groups the opportunity to share information, collaborate, meet experts, take part in discussion forums and download software.”

ARIS Community has a dedicated ARIS cloud, with product information, tutorials and a blog. Subscribers can use ARIS products in a public or private cloud. ARIS Community is also a platform for questions, support and knowledge exchange.

The community
·         More than 400,000 members in more than 40 countries
·         The largest community in the world, with several interest groups for particular countries, specific sectors (public sector and metallurgy) and topics such as the cloud
·         Sharing of process content, organisational charts, BPMN2, data, applications and brainstorming
·         More than 550,000 downloads of ARIS Express (free modelling software)

More information will be available at the international user group conference http://www.softwareag.com/corporate/community/usergroup/annual_conference/ in Dresden (Germany) from 13 to 17 June. Thursday 16 and Friday 17 June will be the ARIS global user days.

For more information, visit www.ariscommunity.com


Another malware wave hits Europe, mainly downloading ransomware Locky



ESET LiveGrid® telemetry shows a spike in detections of the JS/Danger.ScriptAttachment malware in several European countries. The most notable detection ratios are seen in Luxembourg (67%), Czech Republic (60%), Austria (57%), Netherlands (54%) and the UK (51%), but also in other European states.
After arriving as an email attachment, the threat behind these detections is designed to download and install different variants of malware to victims’ machines.
If the user falls for the scam, JS/Danger.ScriptAttachment tries to download other malicious code, the majority of which consists of various crypto-ransomware families such as Locky. A detailed description of how Locky operates is available in a separate analysis.
JS/Danger.ScriptAttachment has the same intentions as the Nemucod downloader, which hit the internet globally in several waves. ESET warned the public of the threat in late December, 2015, and again in March, 2016.
ESET considers ransomware one of the most dangerous cyber threats at present, a fact that seems unlikely to change in the foreseeable future. Therefore, we recommend both private and corporate internet users keep their computers and software up to date, use reliable security software and regularly back up their valuable data.
Prevalence of the JS/Danger.ScriptAttachment downloader in Europe

The detection ratios span from 67% (Luxembourg) to under 1% (Belarus, Ukraine).
Prevalence levels:
·         Luxembourg: 67%
·         Austria: 57%
·         Netherlands: 54%
·         Germany: 48%
·         Denmark: 48%
·         Sweden: 46%
·         Belgium: 45%
·         Spain: 42%
·         Finland: 42%
·         Norway: 40%
·         France: 36%
·         Portugal: 30%
·         Poland: 26%

24.5.16

Critical infrastructure: It’s time to make security a priority



The security of industrial systems has been a matter of analysis and debate for years, especially after the onset of threats against them such as the Stuxnet worm in 2010, and the recognition of the vulnerability of these systems to external attacks.
Six years after Stuxnet and in the wake of other threats that followed, such as Flame or Duqu, IT security teams face numerous challenges in the quest to safeguard critical data against threats that no longer differentiate among different types of industries.
One question becomes clear: are all these businesses and industries prepared to face future challenges?
Critical systems at risk
The importance of ensuring information security on critical infrastructure has been recognized for years, yet there are still cases that illustrate the need for improvement.
To a large extent, one of the major sources of security deficiencies is the fact that a large number of the manufacturers of these platforms do not allow the introduction of changes or updates to the hardware-controlling systems.
In summary, organizations are managing critical infrastructure using operating systems that are obsolete, vulnerable and yet connected to the internet, increasing the likelihood of a security incident.
Consequently, there is a need for manufacturers and industries to join forces to update their infrastructure and mitigate security breaches that leave the door open to potential attacks.
Common threats targeting industries indiscriminately
When it comes to cybercriminals targeting industries such as energy, oil, mining and various industrial systems, attacks are not restricted to sophisticated, complex threats such as Stuxnet, Duqu or Flame.
During 2015, several cases were reported of energy companies being attacked by malware dubbed Laziok, used to collect data on compromised systems, including machine name, CPU details, RAM size, hard disk size and what antivirus software was installed.
With this information, cybercriminals can determine if the computers are viable targets for future attacks. What is curious about these cases is that the attacks were based on emails containing an attachment that exploited a Microsoft Windows vulnerability. Even more problematic was that although a patch for this vulnerability was created in April 2012, many industries had not applied it yet.
Healthcare – among the most affected sectors
In addition to the industrial sector, the healthcare industry has been an important component of the security debate over the past year. During 2015, and as part of Verizon’s Data Breach Investigations Report, analysts identified approximately 80,000 security incidents, of which 234 were healthcare-related, and 2,100 data loss breaches, with 141 occurring in the healthcare industry.
A large number of security issues have become more evident, including primarily insider abuse or bad practices, which caused 15% of security incidents in the healthcare industry in 2014, compared to 20% in 2015, according to Verizon’s report.
Also, healthcare organizations have become more vulnerable to web application attacks and distributed denial-of-service (DDoS) attacks, as this industry suffers 4% more of this type of attack than all other industries combined.
Add to this the findings of the Ponemon Institute report, which revealed that the root cause of security breaches in healthcare organizations has shifted from accidental to intentional. Criminal attacks are up 125% compared to five years ago, and lost laptops are no longer the most common data breach threat.
In addition, 2015’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data found that most organizations are unprepared to respond to new cyber threats and lack the proper resources to protect patient data. 45% of healthcare organizations said the root cause of data breaches was cyberattacks, compared to 40% in 2013.
Highly vulnerable medical devices
In addition to the security management issues mentioned above, new medical equipment also brings with it significant risks. Improved capabilities in these devices include the fact that they feature an internet connection, but this can be a mixed blessing. For instance, in the case of implantable medical devices (IMDs), which are intended to treat a variety of conditions, security concerns are often underestimated and even overlooked.
The threat posed by this medical gear is very real, and numerous types of device have been infected by malware, in most cases inadvertently. In fact, during 2014 over 300 different surgical devices reportedly suffered a vulnerability that might allow attackers to alter their configurations.
As is the case with industrial security, connectivity is a critical aspect. In this sense, it can be argued that the security level of wireless connections is often very low, and that the medical equipment industry continues to put off the inclusion of security mechanisms on their devices.
For these reasons, medical devices are considered an easy target, as they feature outdated applications with insufficient security. The large majority of networked biomedical devices do not enable modifications and do not support third-party-vendor authentication agents, making them vulnerable to access via web browsers.
In 2015, security researchers found vulnerabilities in critical medical systems, which put them at risk of being exploited by attackers. In the report detailing their research, they said they were able to access internet-connected devices, and that they accessed the network of a US health provider and found up to 68,000 medical systems and equipment with vulnerabilities that were exposed to attacks.
This is why the healthcare sector should be more aggressive in its defense planning, and should adopt a faster pace in assessing risks, to guarantee that funds are well invested and that resources and assets are well protected. Ideally, risk assessments should be carried out continuously rather than periodically. This helps to guarantee that new assets, as well as physical and digital strategies and defenses, are promptly included in business plans and incident response plans.
Record theft: more than just exposed data
Successful attacks exploiting the flaws discussed so far allow cybercriminals to gather a wealth of information, especially from the healthcare industry, such as patients’ names, health insurance numbers, telephone numbers, home addresses, email addresses and other personal data. However, even more critical data can be breached, such as medical records containing diagnoses and medication details. This information is very valuable to attackers, and if stolen, it can be sold for profit, along with the personal data mentioned above, on a much more specialized black market.
Regardless of where the information is obtained – whether it is openly-available data that was published online or very specific information stolen from medical records – if criminals manage to harvest a large amount of information, they can sell it and even steal victims’ identities to commit various crimes such as creating false IDs, opening bank accounts and applying for credit cards, committing tax fraud, and even using the data to reply to security questions in order to access online accounts, thus taking the threat to new digital horizons.
Clearly, the benefits of the internet and wireless networks are very appealing to the healthcare industry. Above all, they provide the user with immediate access to a treasure trove of information about patients’ medical records from any location with an internet connection. However, these are very sensitive data, and it is essential not only to have smart protection systems on the devices that hold or access them, but also to add further barriers such as encryption and multi-factor authentication, as well as sound network segmentation and reliable incident recovery strategies.
Focusing on security to prevent intrusion
Analysis of these cases makes it clear that there is still much to do to raise awareness and provide education on information security in private and public sector organizations. Attackers are always looking for ways to access a system through any kind of gate that is left open, and once they have managed to trespass the limits, they can not only steal information, or compromise equipment so as to upload data to a malicious network and misuse it at will, but they can also alter the functioning of industrial equipment for improper purposes.
In an effort that illustrates the focus on the protection of critical infrastructure, the National Science Foundation in the US awarded Texas Christian University (TCU) approximately $250,000 in funding to help it come up with effective measures that will protect medical devices from cyberattacks. Similarly, the European Union Agency for Network and Information Security (ENISA) has revealed that it will be looking to focus on developing good practices when it comes to ’emerging smart critical infrastructure’ in 2016.
The industries that use these systems with major security flaws are ones that provide essential services to the population. Their infrastructures include water treatment, electric power generation and distribution, natural gas distribution plants, and even medical record database facilities. Their systems handle truly sensitive information, which explains the criticality of the associated risks and the great impact in case of vulnerability or failure.
Although some changes that improve security have been introduced in many of these industries, there is still a long way to go in the various sectors. The number of attacks against this kind of infrastructure will rise by 2016 unless protection actions continue to be taken at a fast pace, and that is why all activities related to information security in these sectors will continue to gain prominence as a key management factor.
This article is an adapted version of the corresponding section from ESET’s 2016 trends paper (In)security Everywhere.


23.5.16

Financial institutions ‘need to prioritize’ cybersecurity



Financial institutions need to put cybersecurity at the top of their agenda, according to a new report titled Cyber and the City.
Writing in one of the forewords, Mark Weil, CEO of Marsh Ltd and chair of TheCityUK Cyber Taskforce, said that this isn’t currently the case.
He explained that cyber vulnerabilities tend not to be a key consideration of leaders in the financial and professional services sector.
Usually, this important matter is “handled by specialists”. While this is reassuring, it nevertheless needs to be centralized.
“Outside of a very few firms, we do not yet see cyber getting the attention it needs from business leaders,” Mr Weil said.
“We seek to build on the progress already made, to give the leaders of financial institutions a basis for staying ahead of the criminals.”
The paper highlighted why the financial sector, which includes banks, insurers and asset managers to name a few, is such a target.
“It has the data and money to attract criminals, the public profile to attract hacktivists and the criticality to the economy to attract terrorists and hostile states,” it noted.
As such, any serious attack can have serious repercussions not just on, for example, a bank, but its customers, the sector and the wider economy.
When it comes to cyberattack responsiveness, the authors of the report found that many firms understand that a very real threat exists.
Accordingly, they have taken appropriate measures to bolster their security. However, there is still a lot of work to be done.
For example, the study showed that cybersecurity is not being “treated in a rigorous way”.
In other words, many firms have yet to establish particular vulnerabilities, suggesting a more generalised approach to security.