A new weapon in cyber warfare fight

Sponsoren
Securing the workplace

The hybrid workplace has become the accepted norm. But being outside the corporate perimeter can make home workers a tempting target for cybercriminals – here’s how to fight back.

Watch now

HP Wolf Security: A New Breed of Endpoint Security

[embedded content]

As technology evolves, cybercriminals are more sophisticated, organised, and determined than ever. With constant changes in the workplace, how can you safeguard your PCs, printers and people from circling cyber predators? 

Discover HP Wolf Security. A new breed of endpoint security. 

Arm yourself with the most comprehensive tools to detect and protect. HP Wolf Security provides effective endpoint protection and resiliency, helping users to stay ahead of evolving modern threats.  

Defend against both known and unknown threats – even from Zero Days – with HP Wolf Security. 

Endpoint security is changing – here is how

By Computerworld, Contributing Editor

It sounds like stating the obvious, but working from home is very different from working in an office. It’s not just the lack of commuting – or the fact that there’s a fridge close to hand – but a difference in working practices too.

The blunt truth is that many workers use their work devices for personal matters. They even let other members of the household use them, for homework or games. And how wrong this may seem, you cannot blame them for it, as working from home means folding your professional life with your life at home and the people you love.

The figures bear this out. According to HP’s Blurred Lines and Blindspots report, 76% of office workers say that working from home during the pandemic has blurred the lines between their personal and professional lives. Half of all employees now say that they now see their work device as their own personal device, and 46% admitting to using their work laptop for ‘life admin’.

Still, criminals know all this just as well and they’ve raised their game as a result. Of course they do, because there is something to be gained here. The company data is out there in the open, outside the corporate network. So attackers are targeting home workers, and they are fine-tuning their methods along the way.

So, there’s a need to have control of the endpoint, but that is easier said than done. When you let overactive security experts have their way, you get all kinds of layers of authentication. In the end, productivity will be the victim of this, as workers cannot access the data they need to get their work done.

What is needed is a layered approach. The first layer is prevention. The user needs to be aware of the danger and take responsibility. This means keeping Windows up-to-date and knowing they cannot click on any link they see, open emails from untrusted sources or download games on their work devices. They also need good passwords and change them ever so often. Just these steps will save a good deal of trouble.

The next layer is detection. Here, old school anti malware software is not enough to protect against new malware and zero day exploits. It should be next generation detection based on artificial intelligence. However, the bad guys have it as well and they can fine-tune their malware so it will not be detected. So, therefore, there’s a need for another layer that takes care of the response.

In this layer, threads are immediately isolated. This layer of security should be built up from the hardware. Depending on the malware, the attack can come from anywhere in the endpoint. From the user account, an application, but also from the firmware or the operating system or even a printer. Actions, that are out of the ordinary, wherever they come from, should be stopped and contained.

All those layers must seamlessly work together to protect data. This is where the HP Wolf Security platform comes in.  Enterprises need a solution that can fight against all levels of cyber attacks, all within a single platform. And most importantly, works effectively in the workplace and external environments, like the home.

It can render malware harmless through threat containment, which shrinks the addressable attack surface by delivering protection against the most common attack vectors. Wolf Security also offers self-healing firmware, in-memory breach detection and automated alerting helps IT and security teams to monitor, manage and recover from remote firmware attacks.

Added to this, cloud-based intelligence and data gathered via endpoints enhance threat data collection to turn a traditional weakness – the endpoint – into an intelligence gathering strength.

Do you want to experience the possible solutions for these challenges? Go to: https://www.idc.com/eu/events/68172-idc-security-benelux

The executive’s guide to keeping up with cybercrime

By Computerworld, Contributing Editor

Cybercriminals are rubbing their hands with glee right now. They live in a world the attack surface is getting larger by the day. First, employees get a host of new devices, like smartphones, tablets and laptops, that they can take beyond the company firewall. On top of that, with many people working from home, company data is in danger, as cybercriminals sharpen their phishing spears and finetune their ransomware attacks.

At a boardroom level the severity of this threat is not always recognised. The budgets for cyber security remain low and IT and security leaders do not get a free hand in securing the company data.

There are plenty of examples of what can happen when ransomware does get through. This year alone, the world has seen some massive attacks on well-established organisations. Probably the most notorious was the assault on the Colonial Pipeline business in the US. But there have been plenty of other examples in the past few months: Axa France, PC vendor Acer, and the Irish Health and Safety Executive have all been hit.

The Netherlands has not been spared by the cyber criminals. Recently, we’ve seen the REvil attack, that got in through software from Kaseya. And don’t forget the Rotterdam Maersk terminal that shut down for weeks. So, there are plenty of examples to confirm how serious such attacks are.

Besides the severity of the threat, executives should be aware that the threat landscape is constantly moving: it transforms and evolves. This means it is no solution to have a static security system in place and to be done with it. In fact, this is a recipe for disaster because complacency creeps in and employees think they’re safe when they’re not

Security should also be continually evolving, while security professionals should be aware of what is happening everywhere in the world. It’s therefore essential for businesses to work with partners who are aware of the latest developments in security and the global threat landscape.

But the first thing to do is letting the CSOs or CISOs do their jobs. Give them the responsibility and the ability to get secure. The first thing they will do is a risk assessment. What data is under threat?  What will be the cost when it is compromised? How can the threat be mitigated? This assessment should be a continuous process as nothing stands still.

There’s a need to put security procedures in place. CSOs/CISOs must ensure that everyone has responsibility when it comes to security and must know what to do … or not do when it comes to encountering shady sources.

And on the technical side, any security partner should get its threat information from a worldwide network of endpoints so it can recognise malware as quickly as possible.

But no matter how good security is, it should always be prepared for the eventuality the malware does get through. Therefore, security should be based on the principle of Zero Trust. This means not one action is trusted without question. All access to resources is assessed based on context. Is the user in Russia or China, while he was in Amersfoort just a few seconds ago? Is accessing the data he tries to handle part of his everyday job? Does he usually use a device like the one he is on now?

But this Zero Trust security also looks at what the firmware is doing, or the operating system, or a printer. It has to look at every action possible. When these assessments of actions happen in real time, malware can be isolated immediately.

All those layers must seamlessly work together to protect data. This is where the HP Wolf Security platform comes in.  Enterprises need a solution that can fight against all levels of cyber attacks, all within a single platform. And most importantly, works effectively in the workplace and external environments, like the home.

HP Wolf Security will be a first line of defence against ransomware attacks. It will make extensive use of AI technology as a way of combatting the most relentless attackers.

It can render malware harmless through threat containment, which shrinks the addressable attack surface by delivering protection against the most common attack vectors. Wolf Security also offers self-healing firmware, in-memory breach detection and automated alerting helps IT and security teams to monitor, manage and recover from remote firmware attacks.

Added to this, cloud-based intelligence and data gathered via endpoints enhance threat data collection to turn a traditional weakness –the endpoint –into an intelligence gathering strength.  Of course, CIOs can always manage this themselves but HP Wolf Security provides everything in one platform.

A new weapon in cyber warfare fight

By Computerworld, Contributing Editor

High profile ransomware attacks on major businesses – like the one on Albert Heijn, where hackers knocked out the cheese warehouse, get plenty of attention. But SMBs should not be complacent; they’re equally at risk. An attack on a cheese warehouse sounds like a joke but it’s serious business. At least two Dutch companies were hit in the fallout from the Kaseya breach and the University of Leiden was also hit by a ransomware attack.

A recent report shows the level of threats that small businesses face. The survey, produced jointly by the Dutch prosecutors office and police, revealed that a stunning 46% of SMBs had to deal with ransomware, necessitating a considerable financial cost. So, how do smaller organisations handle this problem and deal with ransomware effectively?

The Covid-19 pandemic is the driver for many of these attacks. The HP report Blurred Lines and Blindspots reveals how the increasing numbers of home workers has directly led to a corresponding increase in attacks. This means that most endpoints are no longer safely behind the company firewall, but out in the open.It’s a situation that is not likely to ease any time soon.

Workers at home will still need to access all the important company data: operational data, customer data, financial records, billing information, you name it. If they cannot reach it, they cannot get any work done. So all data is under threat. And as it usually takes only one click to get infected, you can imagine this is a great opportunity for criminals.

Traditionally, many security experts think it is a good idea to secure the data by restricting access and several layers of authentication. These are too often added in an uncoordinated way. While increasing security, this will quickly frustrate home workers as they will not be able to access the data they need to do their work properly.

The first line of defence for any business is to educate employees not to click on any strange link, not to open emails from dubious sources and not to download games on their work PCs. In the office, that’s generally understood, but get into a home environment and rules go out the window. It takes just one person to be careless and the damage is done.

Then there are the traditional technical ways to secure laptops and PCs, like malware protection software. It is certainly a good idea to have it in place as a second line of defence, but it is not nearly enough to keep ransomware away from your data. It does not, for example, protect you against zero day exploits or machine generated malware. And even when you have next generation detection in place, you cannot rest assured. The bad guys have it as well, so they can fine-tune their malware so it will not be detected.

However useful, the traditional ways of looking at security ultimately fail. Companies should be prepared for the eventuality that malware gets through. It is all about what happens next, in other when they do get infected. The malware should be stopped automatically when it tries to get hold of any data. And this is only possible when there’s a system in place that has zero trust in any action.

The malicious action can come from anywhere in the endpoint. Not only from the user account, but also from the firmware, the application or the operating system. The system should assess every access to resources based on context. Who is the use?  What device does he usually use? What location is he in? Is what he is doing part of his usual job? Only when anomalies are automatically and in real time detected and isolated, does a company stand a chance against the ever more professional ransomware.

Companies who want to get the most protection, will have to use the potential of  Zero Trust.  Here’s where HP has taken a particular approach and looks to meet any threats as close to the source as possible, as that way they cause fewer threats.  In particular, HP Wolf zooms in on specific threats: opening attachments, insecure USB sticks and unsafe links. Endpoint security is the key word here.

Of course, that’s only half the battle: HP Wolf Security, also brings together artificial intelligence, in-memory breach detection and self-healing firmware, into one platform, only then will enterprises be able to fight against the type of ransomware attacks that we’ve been seeing in the past few years.