Recent

Bringing new concepts to infosec

April 26, 2017

Source: ITWeb   Young professionals with an interest in developing their infosec skills, meeting with like-minded individuals and gaining access to experts in their fields attended phase one of the inaugural #SS17HACK, to be held at ITWeb Security Summit 2017. The preselection process, Ideathon, took place in Tshwane on 22 April. The overall theme, "Innovation in Security", challenged disruptive innovators to build the most secure systems possible, as well as explore new innovative mechanisms for the security sector. The day kicked off early with over 40 aspiring 'hackers' arriving from different parts of Tshwane, Ekurhuleniand the Northern Cape. Their mandate was to spend time learning from experts on topics such as Twitter intelligence, malware threats, ethical hacking and integrating secure coding into the SDLC. They were also given the opportunity to mingle with infosec minds such as Manuel Corregedor of Telspace Systems, Nithen Naidoo of Snode, Ivan Burke and Francois Mouton of CSIR, Ashley Anthony of Isazi Consulting, and Grant Thompson of MTN. They later presented their ideas to this panel. During the ethical hacking session, presented by the CSIR, students got a snapshot of what happens online in any 60 seconds, as well as the number of data breaches over the same period. Over seven billion data records were lost or stolen since 2013, over four-and-a-half million daily and 52 per second. These take place across industries but are more prevalent in the retail and financial sectors. Attendees delved into the types of hackers out there, what phases hacking goes through and the questions ethical hackers need to answer. info|Guardian then provided students with a session on SDLC. Snode Twitter Intelligence Challenge, the next presentation of the morning, exposed how intelligence gleaned from Twitter has been used to track criminals, prevent potential terrorist attacks and monitor its users. Snode also revealed some data pertaining to the real agenda behind the recent #feesmustfall campaign. The students were exposed to the challenges associated with using such data to correctly predict patterns and come up with creative and innovative ways to apply possible solutions. The malware threat presentation by Telspace Systems drew attention to: what is malware really, are the current anti-malware products working and how they work. The afternoon was all about innovation, new ideas and concepts, with nine teams represented. Their ideas ranged from social media education to new voting techniques, facial recognition to artificial intelligence, and machine learning, all from a secure foundation. Only 30 of the over 140 registrants to #SS17HACK will be chosen and will further develop their concept, under the guidance of experts, at the main event on 16 and 17 May.   From ideas to reality   Judges and mentors at the event had this feedback for the up-and-coming infosec professionals: Ashley Anthony of Isazi Consulting noted: "One of the most important quotes that I think the students should think about based on the presentations that we heard comes from Albert Einstein: If you can't explain it simply, you don't understand it well enough." ITWeb's Ivan Regasek said: "The participants seemed to grasp the various security concerns presented. The problems addressed were largely on point, and ideas generated ranged from good try to brilliant. I trust the problems tackled will give food for thought to the security community at the event, and am much looking forward to the experienced community guiding the ambitious contestants towards hopefully creating real solutions." Manuel Corregedor of Telspace Systems said: "It was really great to meet students with different backgrounds and skill sets in IT. There were some really great ideas and it was good to see some attendees proposing solutions that could be used to better protect the end-user, through the use of technologies such as browser extensions, blockchains, artificial intelligence, mobile applications and biometrics. I am really looking forward to the hackathon, where we will see these ideas come to life and possibly change the world."

Security Summit 2017 announces its first Hackathon

February 23, 2017

Source: ITWeb   ITWeb Events, ICT skills development company Geekulcha and cyber security start-up Snode are bringing the first ever hackathon to the ITWeb Security Summit 2017. #SS17HACK is now open for registration and is looking for young, talented individuals who want to develop their skills through learning and innovation, and who have a passion for information security. According to Allyson Towle, conference director from ITWeb, the hackathon is challenging disruptive innovators to build the most secure systems possible, and will also be used to explore new innovative mechanisms for the security sector.   Skills development Tiyani Nghonyama, COO of Geekulcha, says: "As far as Security Summit 2017 is concerned, Geekulcha is highly anticipating a skills development drive through the hackathon especially for intermediate developers. We want to instill a culture of consciousness in information security from both the developers and consumers/users of digital solutions." According to him, the hackathon presents the perfect opportunity to discover new talent and valuable skills capacity for various organisations. "We want to send a strong message that there is a need to invest in the collaborative economy and peer-learning platforms such as hackathons." With this in mind, various organisations have been invited to scout talent for work and collaborative opportunities at this event. Nghonyama says the hackathon is hosted against the backdrop of a need to grow skills capacity in cyber security in the country. "We believe building the momentum and equipping fresh talent with critical knowledge, and being exposed to over 500 experts in the ITWeb Security Summit, is a first step towards winning the war as intended." He says it is a collective responsibility to insure innovation capacity continues to grow but grow safely and securely. "We have outlined three key sectors, namely finance, retail and public sector, that need critical defence, and we aim to build 'digital troops' through the hackathon." There will only be 30 spots available, and those wishing to apply need to choose from a number of themes, or suggest their own idea during the registration process. As part of the event, an 'ideathon' will be held on 22 April 2017 where the various stakeholders will make their final selection.   'Must be solved' ideas The mentors and judges have selected a few 'must be solved' ideas: Financial Sector An Artificial Intelligence (AI) and cognitive fraud detection system. Propose a model and system architecture for cheaply but safely distributing pension pay-outs to people in rural areas. Design and develop an OTP system for Internet Banking that doesn't require the use of a mobile phone. Public Sector Twitter intelligence solution. Blockchain voting system. Retail IOT cashless no-point of sale solution. Other Design and develop a system that will note whether your mobile phone is in the vicinity when you log onto your computer and deny access if it isn't.   Judging and prizes Judging for the hackathon will take place around 3pm on 17 May 2017, and the winners will be announced to the audience at around 5pm. The judges and mentors for the event include Dino Covotsos from Telspace Systems, Dr Jabu Mtsweni from the CSIR, Marc Silver from Discovery Health, Grant Thompson from MTN, Ivan Regasek from ITWeb, and Yugan Reddy from InfoGuardian. There will be a first prize of R20k, a second price of R10k and third prize of R5k. In addition, entrants stand a chance of being a recipient of one of a number of internships on offer by reputable organisations.

Analysis of #FeesMustFall tweets reveals startling trends

December 15, 2016

Source: htxt.africa   Cyber security firm Snode has taken a look at tweets sorrounding recent #FeesMustFall protests and found some incredibly interesting data. Earlier this year Snode launched a cyber security solution which uses machine learning and algorithms to detect patterns and anomalies in a network. We’ve learned that Snode is quite good at detecting patterns so the team decided to see what sort of patterns they could find while analysing tweets related to #FeesMustFall. This was done by looking at a few things namely; location of tweets and tweets using the #FeesMustFall hashtag.   So what did they find? Looking at the locations of tweets Snode found that many tweets about Wits University originated from Pretoria. This Snode says contrasted against the subject of the tweets analysed. Snode also found that users in Pretoria referenced Wits University 14 times more than the University of Pretoria. Another interesting revelation was that of those users in the capital only 3% of #FeesMustFall tweets came from users linked to the Wits University account. The vast majority of tweets referencing the institution – 94% to be precise – were sent from accounts that have political ties. This, says Snode reveals that the #FeesMustFall protests may have been adopted by social media users to draw attention away from the goals of students.   Data in pictures Snode says that by further analysing the meta-data in photos shared on Twitter there exists the potential to glean even more data such as the location the photo was taken (using GPS co-ordinates), the type of device the person was using and even a user’s real name. But it doesn’t end there according to Snode co-founder Nithen Naidoo. “There are a host of AI applications available, such as Russia’s FindFace, which allows users to scan a digital image of someone and then discover their online profile. There are therefore a number of tools on hand to benefit law enforcement as much as they do criminals,” said Naidoo. This analysis shows us that you can’t inherently trust everything you read on social media, and perhaps we should be more questioning of what we see rather than sharing something because we think it’s topical. Deep analysis of social media can also help those in positions of power make more informed decisions about what the public sentiment really is. “With regard to socially relevant topics such as the student protests, having cyber intelligence at work can assist in gleaning vital insight,” says the co-founder. “At Snode, we believe having such knowledge can not only help us understand the climate better, but also assist law enforcement and government services to predict and respond to critical events more efficiently,” Naidoo concluded.

Cyber intelligence reveals #FeesMustFall agenda

December 13, 2016

Source: gadget.co.za   Cyber intelligence and analytics specialist, Snode, recently used its tools to analyse the #FeesMustFall protest and delve deeper within Twitter, offering enriched insight beyond 140 characters. Social media platforms such as Twitter may be divisive, but its significance cannot be overlooked. Cyber intelligence and analytics specialist, Snode, believes the potential applications for social media are yet to be fully realised. “As a source of intelligence, Twitter is a valuable source of intelligence and it should be utilised by business and law enforcement. It is an open-source data-rich platform and needs to be leveraged in the best way possible,” notes CIO and co-founder of Snode, Nithen Naidoo. Using the recent #FeesMustFall protests as a case study to showcase the enriched capabilities of cyber intelligence, Snode was able to apply its analytical tools to delve deeper into the anatomy of the Tweets, and even discover that outside influencers were making an impact. The university fee protests are a hot topic of conversation in South Africa. The dialogue is been most prevalent on Twitter, where numerous messages have been exchanged under the guise of creating a discourse around the cost of tertiary education. Interestingly though, Snode’s analysts have unearthed some other key insights not obvious to most people.   Delving deeper To gain a deeper understanding of the underlying forces driving the #FeesMustFall protests, Snode analysts have fused various social media conversations to identify emerging trends associated with, and patterns of behaviour fuelling, this massive campaign. The most telling finding is that many of the tweets did not originate from the same location that the message was referencing. In particular, the majority of tweets mentioning the University of Witwatersrand were found to have been sent from Pretoria, nearly 65 kilometres away. In fact, Snode detected an anomaly in which tweets from South Africa’s capital with the #FeesMustFall hashtag referenced Wits 14 times more than they did in their own city’s university protest. Accompanying this anomaly was the fact that only 3% of #FeesMustFall tweets came from users linked to the @WitsUniversity handle, as opposed to a staggering total of 94% from politically affiliated Twitter accounts. According to Naidoo, it can be inferred that there was another agenda being played out, and the #FeesMustFall protests are being abused by some social media users to draw attention to other topics, ultimately misrepresenting the true aim of students.   True potential While the potential for social media to be misused by a small percentage of users, Snode says that victims of crime and law enforcement have the ability to fight back. The company’s real time processing for example, can dissect a myriad of information contained within a Tweet, including a Twitter user’s (real) name, origin of the Tweet (longitude and latitude), device type (iPhone or Android), and place of residence (e.g. city or hometown). “If users share an image on Twitter for example, the metadata contained within that photo can offer us a wide ranging array of insights,” says Naidoo. “There are a host of AI applications available, such as Russia’s FindFace, which allows users to scan a digital image of someone and then discover their online profile. There are therefore a number of tools on hand to benefit law enforcement as much as they do criminals,” he continued. In the right hands, this kind of machine assisted analytics can empower social media platforms such as Twitter to help make data-driven decisions, notes Naidoo. In the US, a number of American agencies are already using deep analysis within Twitter to track down dissidents, according to Saudi scientist Hala Al-Dosari in a recent interview with Bloomberg Businessweek. “South Africa needs to use available technology correctly, especially when it comes to tackling issues like crime within the country. With regard to socially relevant topics such as the student protests, having cyber intelligence at work can assist in gleaning vital insight. At Snode, we believe having such knowledge can not only help us understand the climate better, but also assist law enforcement and government services to predict and respond to critical events more efficiently,” says Naidoo.

Popular

Data Wizards’ Magic Proved Too Strong at #SS18Hack

May 25, 2018

Author: Alastair Waldeck, Head of Marketing (Snode)   One month after the successful Ideathon was held in Johannesburg CBD, the Hackathon participants gathered once again for the main event at Vodacom World in Midrand, the #SS18Hack! In total, 42 infosec aspirants from all around the country arrived for a two-day event that would test their stamina, concentration, teamwork and coding abilities to the limit! The theme of these year’s Hackathon was ‘Man vs Machine – Securing the future of business against an ever-changing threat landscape’; focusing, as the title suggests, on machine learning and creating a solution that could solve real-world security problems that continue to plague many organisations today. The 11 teams arrived early on the morning off 22 May, full of energy and motivation, and immediately started getting to work on their ideas with the guidance from their respective mentors. By the evening of the 22nd, the participants had made themselves comfortable and settled down for a long night of hard work and coding. When delegates from the Security Summit walked in the next day, the room was virtually unrecognisable; bean bags, energy drinks and snacks were scattered everywhere! The long-haul proved too much for some as they caught a quick power nap to give themselves the ability to push through the last few hours before the final presentations and judging. The participants truly had pulled out all the stops to ensure that they can keep going, keep coding, with their eyes constantly focused on the top spot! At half-past two on day two, time was up! The teams now had to pitch their ideas to the judges in the hopes that what they had manage to create was good enough to earn them a place in the winner’s circle. Each team had 6 minutes to present followed by Q&A from the judges. After all the pitches were complete, the judges went away to deliberate as the teams anxiously waited for the results. A few minutes later, it was done, the scores were tallied and the winners were known. Doreen Mokoena, Internet Governance Coordinator at .ZA Doman Name Authority had the honours of announcing the top teams. In third place was team Knowzee who presented a solution that allowed individuals to determine whether or not they were sharing too much information on their social media accounts. First and second place were neck-in-neck with the judges having to discuss long and hard in order to reach a consensus as to whom they believed should be the winner. Moringa IT, a team from Kimberley, ultimately claimed second place. Their idea was a platform that utilised the power of IoT in order to assist farmers with the irrigation of their crops by sensing the moisture levels in the soil and allowing the irrigation systems to automatically determine when and for how long the crops should get irrigated. The magic of team Data Wizards, however, proved to be too much as they claimed top spot at this year’s hackathon! Their solution was to prevent fraudulent activity in real-time at a transactional level. As a transaction occurs, each transaction would be assigned a risk score based on a several factors, this score would then determine whether or not the transaction should be accepted or declined. The winning team walked away with R20 000, followed by the second and third teams receiving R10 000 and R5 000 respectively. We would like to thank everyone who participated in the Hackathon for their hard work and dedication and for assisting in pulling off yet another successful event! Here’s to many more! The #SS18Hack was sponsored by the Northern Cape Department of Economic Development and Tourism, Geekulcha, Snode, The Business Clinic, MTN and CISO Alliances.

Proof: SA Is First In Line For Emerging Advanced Attacks

May 21, 2018

Author: Alastair Waldeck, Head of Marketing (Snode)   In an article published by ITWeb last week, Nithen Naidoo (Snode Founder and CEO) stated that South Africa is often first in line for newly emerging, advanced attacks. Developing economies such as Bangladesh, Vietnam and South Africa are viewed as soft, and lucrative, targets by organised crime syndicates with highly advanced cyber capabilities due to the fact that they have not made the same kind of security investments as their developed nation counterparts. One of the interesting findings mentioned in the article was the increasing trend of Snode clients being affected by an old "commercial-grade" Trojan called FinSpy, which was widely reported in 2013. "The malware is not necessarily new but the attack vectors to deliver the malware are new and quite advanced. This is similar to the Terdot malware, which delivered the old Zeus Trojan.", stated Naidoo. At the same time we were detecting this type of activity within our SA client base, AlienVault’s Open Threat Exchange (OTX) reported the discovery of a new version of FinFisher, a malware that is currently evading notice and leveraging social media to threaten critics in Turkey and beyond. It is specifically coded in order to appear as simple criminal malware, however there are several forensic artefacts which provide a clear indication that the agent identified is in fact FinSpy. The most substantial change in this latest version when compared to the original FinSpy malware is the steps it has taken to address the failures that led to the original software’s discovery and acknowledgement by security researchers. FinSpy infects its targets by redirecting the user, when downloading an application, to a version of an application that is infected with the FinFisher malware. This then allows the attacker to perform several activities such as live surveillance through webcams and microphones, keylogging, and exfiltration of files. The fact that this trend of the new, emerging FinFisher malware was detected by the Snode Guardian Cybersecurity Platform at the same time as organisations abroad is proof that South Africa is indeed a prime target for new and advanced cyberattacks. The need for South African organisations to not only ensure that they have adequate security measures in place to detect, prevent and respond against these attacks but also to share their threat intelligence and disclose when and how they are being attacked, is now more crucial than ever. In this ever-changing technological landscape, organisations are forced to find new ways to increase their security posture and minimise their risk. The Snode Guardian cybersecurity platform utilises learning machines, mathematics, and a synergy between both human and artificial intelligence (Intelligence Amplification) to monitor, detect and proactively respond to all threats on every device within your network, from traditional network devices through to BYOD, cloud and IoT devices. Naidoo will be presenting at the upcoming ITWeb Security Summit, and delegates attending his talk will learn about the emerging threats we see in Snode's South African client environments, as well as the key issues affecting the majority of its South African clients. He will also discuss the defence strategies clients have used that best address these issues. The ITWeb Security Summit is southern Africa’s definitive conference and expo for information security, IT and business professionals. This year, over 70 expert speakers will deliver key insights across 7 tracks, including workshops and training courses during the expanded 5-day event. The ITWeb Security Summit will be staged at Vodacom World, Midrand, from 22 – 23 May 2018; and CTICC Cape Town on 29 May 2018. Focused and interactive workshops as well as in-depth training courses will be run in the days around the main conference and exhibition. For more information, go to www.securitysummit.co.za. For information on Security Summit Cape Town, click here.

Young Minds Prepare For #SS18 Hack

April 21, 2018

Author: Alastair Waldeck, Head of Marketing (Snode)   A group of motivated young men and women gathered in the offices of The Business Clinic in Johannesburg CBD early on Saturday morning for the 2nd Annual #SS18Hack Ideathon. The Ideathon provided these aspiring cybersecurity and IT professionals with an opportunity to meet and greet with some of the top minds in the industry as well as to learn a thing or two from the four main workshops presented on the day. The Ideathon serves as pre-selection event for the larger, main event; the #SS18 Hackathon which will be held at Vodaworld in Midrand on the 22-23 May. The day began with an introduction from Mr Lucky Litelu (Executive Chairman and CEO of ICRD GROUP) and the sponsorship team of Tiyani Ngonyama (COO, Geekulcha), Allyson Towle (Senior Conference Director, ITWeb Events) and Alastair Waldeck (Head of Marketing, Snode). Our first speaker of the day was Ridewaan Hanslo from the CSIR who gave the attendees a comprehensive overview of Web App Security by providing several examples of different types of attacks, attackers, interactive examples how to practically identify and prevent these attacks as well as how to ensure that your next application is created with security as a priority. Second up was our very own Founder and CEO, Nithen Naidoo. He provided an introduction to the AI and Infosec industry by discussing the latest tools and methods within the cybersecurity and data analytics industry as well as how to analyse vast quantities of data in real-time in order to pull various insights, detect anomalies and trends and to be able to predict and defend against ever-evolving cyberattacks. After a quick break where the guys were able to refuel, get to know one another, ask questions and discuss ideas with the presenters, sponsors and other attendees, we returned to our seats for the 3rd workshop of the day. Francois Mouton from the CSIR was up next. Francois gave us a presentation on Ethical Hacking with a focus on his speciality, social engineering. By providing us with some simple, everyday examples of how human’s inherent trust can be our own downfall, he made us realise how simple a cyberattack can really be and how our perception of a cybercriminal being a person in a hoodie hiding behind a laptop is far from the truth. Last, but certainly not least, Kimoon Kim from Siatik spoke us through the concepts of Big Data and Machine Learning. By focusing on powerful platforms that are readily available for us to use such as Google Cloud and BigQuery, the attendees discovered how to easily analyse all their data, regardless of size, in real-time. The rest of the day was spent brainstorming ideas, absorbing even more information and inspiration from the mentors and speakers, and coming up with ideas that will not only take them through to the next round in Midrand, but also to potentially win them top spot at the #SS18 Hackathon later next month! The top three teams with the ideas that showed most potential were: - Bro-Coders - CleverKleva - TechnoGeeks - A special mention went to team Nosey. We look forward to seeing everyone again in a month’s time and would like to thank all the sponsors and speakers for their involvement in making this event successful!   Sponsors for the event: Snode, ITWeb, Geekulcha, The Business Clinic, Northern Cape Department of Economic Development and Tourism.

Re-invented Zeus malware Terdot, defied explanation, but cannot defeat detection

December 6, 2017

Author: Nithen Naidoo, Founder and CEO (Snode)   During October 2017, Snode's cybersecurity platform (Guardian) found an increasing trend in SA networks being infected by the well-known Zeus malware. Although the Zeus Trojan (discovered back in July 2007) is still considered one of the most prolific malware variants affecting the Internet today; the retro plague perplexed our analysts. The finding’s fallacy is that most (if not all) traditional anti-malware controls today can reliably defend against the Zeus malware threat. At the time, we could not explain how a 10-year-old Trojan was (as reported by our learning machine) effortlessly propagating through large SA corporate networks; unhindered and undetected. A fitting explanation was later provided courtesy of the global security technology firm, Bitdefender. Bitdefender’s researchers released a paper (mid November 2017) on the discovery of a new “Zeus inspired” Trojan, called Terdot. A surprising insight from their research is that they first discovered the Trojan in October 2016; which highlights a challenge in our machine-assisted analytics. You see, the machine-learnt Zeus malware's "pattern of behaviour" was now mimicked by Terdot. As a matter of fact, Snode's learning machine could only learn to accurately identify Terdot, by unlearning everything it knew about the Zeus malware. Hence why our learning machine is augmented by our (human) analysts as it allowed us to reliably distinguish between these two malware variants. Now, it is not often that a cybersecurity vendor will openly discuss the flaws in their machine learning and pattern recognition software. However, at Snode we do not build software, we deliver solutions (and we value transparency). This is why our machine-assisted analytics is backed by (and never delivered without) our human intelligence. Something to keep in mind, if you believe that AI-supported threat detection (neural network based pattern recognition) software will transcend your security posture to a cybersecurity nirvana, it won't, at least not yet. However, by enhancing your posture with such technology (defence in depth), you wont get trapped in a false sense of security, solely relying on the latest antivirus signatures to save you. Keep in mind that Terdot, was circulating in the wild for an entire year without signature-based detection. I would like to thank and give credit to the Bitdefender Research Labs for making the Terdot discovery. For more information, you can find the full research paper here.

Videos

Nithen Naidoo on South African start-up Snode’s use of Big Data analytics for Cybersecurity

February 26, 2018

Nithen Naidoo, Founder and CIO, Snode talks about: what the company does and how; how Snode Guardian can identify cyber-attacks; how the company has been funded; and future plans.

PHP Meetup (16 Jan 2018) – Part 2

February 15, 2018

The second in a series of videos from the PHP Meetup event hosted at the Hello Group on 16 January 2018.

PHP Meetup (16 Jan 2018) – Part 1

January 25, 2018

The first in a series of videos from the PHP Meetup event hosted at the Hello Group on 16 January 2018.

Snode | Who We Are

September 8, 2017

Snode is a data analytics platform that is designed to make the lives of whomever uses it easier, to assist in solving problems that were previously thought impossible, and to ultimately make a fundamental difference in the world as we know it.