On Thursday 23 May 2019, we attended the Freshworks Networking Meet talking about the impact of an increasingly connected world. In 2019, the influence of IoT, cloud, and BYOD have a dramatic impact, not only in our personal lives, but also in the world of business. It is crucial that organisations shift their thinking from a historic view of cybersecurity as a “grudge purchase” to something that is vital to the running of your organisation, is crucial for success and can often win battles in the boardroom.
Our Founder and CEO, Nithen Naidoo, spoke about the changes we have seen in our client environments, especially with the workforce becoming increasingly dominated by millennials who expect to be connected at all times. Unlike traditional antivirus software, DLPs and firewalls, the Guardian platform is able to detect even the smallest changes in your networked environment and provides organisations with an unprecedented level of visibility and control of their network. It allows businesses across the globe to identify and prevent potential data exfiltration, malware infections and avoid catastrophic ransomware attacks such as the well-known Wannacry malware.
Once the floor was opened for questions, the audience raised concerns around how secure (1) Mac vs Windows Operating Systems are and (2) mobile vs desktop platforms, with a mention of the recent Huawei-Google ban. The long and short of it is that there is no one platform that is more or less secure than another, every system contains some form of vulnerability and can be exploited just as easily, the question comes in around what is most lucrative for the attacker. The myth of a Mac being more secure than a Windows PC is largely due to the fact that there are simply more Windows PCs out there and most organisations across the globe make use of Windows Operating Systems as the norm. Attackers, like businesses, often focus on ROI and will always focus their attention on where they believe they can have the greatest impact. When it comes to the mobile industry, mobile malware is growing at a rapid rate and often mobile devices are a greater concern than laptop or desktop devices as many users often blindly accept permissions on all their applications and are generally more trusting when it comes to a potentially “life-changing” application that appears on the app store. This poses a particular risk to organisations as these devices are often brought into the office and are connecting to the corporate network, allowing the malware to spread though the network and impact the business productivity and reputation.
Following Naidoo’s keynote, we joined a panel discussion chatting about creating a balance between organisational productivity and enterprise security in the age of consumerisation. Naidoo was joined by Darren Bilse (Systems and Technology Manager at Spark Schools), Andre Fredericks (CIO at Indie Sanlam) and Greg Lock (Senior Solution Architect at ITEC South Africa); moderating the panel was Saurabh Prabhuzantye (Business Head – MEA at Freshworks).
Topics covered in the panel covered everything from how consumerisation of IT has impacted the organisations for which the panellists’ work, to how migration to the cloud has brought both benefits and challenges to IT heads and CIOs around the world, to understanding what you are buying and whether or not it suits your organisation and the needs of your team on the ground; real world problems facing real world organisations.
The meet was a great information and knowledge sharing platform, allowing vendors and customers alike to openly share their opinions and experiences and to leverage off of the combined knowledge of South African and global IT professionals.
We would like to thank the Freshworks team for inviting us to participate in this event and look forward to working with them in the future!
The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) have issued a joint Malware Analysis Report (AR19-129A) on a new malware variant used by the North Korean government. This malware was detected while tracking the malicious activities of the North Korean-backed hacking group Hidden Cobra (also known as Lazarus) and has been identified as Electricfish. Lazarus Group is a cybercrime group made up of an unknown number of individuals. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them over the last decade. A notable attack by the group is the attack on Sony Pictures in 2014, which was the start to one of the largest corporate breaches in recent history. The hackers were able to cripple the Sony network for several days and gain access to valuable insider information including previously unreleased films and the personal information of approximately 4,000 past and present employees. The group was also able to access internal emails and reveal some very speculative practices going on at Sony. This latest report on Electricfish, published on the US-CERT website, comes with a detailed analysis of one malicious 32-bit executable file found to be infected with Lazarus' Electricfish malware. In this file, the malware appears to implement a custom protocol that creates a connection between the infected host and an external, malicious, destination host, bypassing authentication controls to reach outside of the network. Once a connection has been established, the Electricfish malware is able to funnel internet traffic between the two machines allowing the malicious actors to funnel information collected from compromised computers to servers that they control. The full, detailed report and analysis for the Electricfish malware sample as well as a full list of Indicators of Compromise (IoC’s) are available within the AR19-129A advisory.
Author: ITWeb With the first day of ITWeb’s 2019 Security Summit underway at the Sandton Convention Centre in Johannesburg, 50 young tech enthusiasts are participating in this years’ Hackathon event sponsored by PwC. The hackathon, held by ITWeb in conjunction with ICT skills development company Geekulcha and Snode Technologies, aims to nurture individuals who are keen to develop their skills through learning and innovation, and who have a passion for cyber security. Running for the third time alongside the summit, this year’s hackathon is themed ‘Protecting connected citizens in the 4IR’. Aptly called #SS19hack, the hackathon has participants as young as 13 participating and engaging with industry leaders. Lerouro Mogeora, aged 13, is the youngest participant this year, while for 14-year old Sifiso Nkabinde this is the second year at the event. Those participating range from high school pupils to students from the Vaal University, the Tshwane University of Technology and the University of the Witwatersrand. There are 13 teams hacking it out, creating secure IoT applications. As they code, they need to identify at least three vulnerabilities within their applications utilising OWASP, an open source cyber security platform for checking common vulnerabilities. OWASP also has tools to assist the coders in improving the security of their software. A week ago, at a similar hackathon event in Kimberly, eight teams were competing, with the winning team there creating a solution that provides encrypted file share and messaging applications for government ministries. The top three teams from the event will also have their projects judged alongside those in Johannesburg. The overall winning team from the two Hackathons will win R20 000 sponsored by Micro Focus, with the second and third placed teams winning R10 000 and R5 000 respectively, courtesy of MTN. An added bonus for the top team in Johannesburg is that they will be awarded the Tshimologong Precinct Security Summit Hackathon trophy. The #SS19hack continues during the second day of the ITWeb Security Summit 2019. Mentors Ivan Regasek, CEO, ITWebRidewaan Hanslo, CSIR Steve Jump, TelkomSolomon Bhala, PwCBernard Mashala, Transet Nithen Naidoo, SnodeFrancois Mouton, CyanreIcconies Ramatsakane, PwCGift Nyembe, PwCMarco Loots, PwCMichael van Rensburg, SnodeTsholofelo Rantao, PwCThulisile Dlamini, Ikusasa Tech Solutions Panel of judges Doreen Mokoena, ZADNALucy Motsieloa, PwCSeth Robbertse, Micro FocusKendal Makgamathe, TshimologongSorene Assefa, Cyber Czar