

over 100 gigabytes of data from an army intelligence project codenamed ‘Red Disk’.


Leo Taddeo, chief information security officer (CISO) at Cyxtera, said: “Time and again we see basic security controls go by the wayside. Failing to password-protect a server is incredible in this age of cyber-attacks. Every organisation needs to review their cyber policies, batten down the hatches and plug their holes. Also, it’s time to take a fresh look at how we secure our networks and applications. For too long we’ve lived in a world of over-privileged access - and that needs to change. Approaches like a software defined perimeter (SDP), which originated at the Defense Information Systems Agency, are a step in the right direction. Access is granted on a need-to-know-only basis. The context of the user, at the time they’re trying to connect to resources, dictates what they see.”





Our research has uncovered a staggering increase in compromised credentials linked to the FTSE 100 companies


Key findings of the Venafi study include:


• 85% of respondents say they do not have a complete and accurate inventory of all SSH keys. Without a comprehensive list, organisations in the financial services industry cannot determine if keys have been stolen or misused.


• 61% of respondents do not restrict the number of SSH administrators, which allows an unlimited number of users the ability to generate SSH keys across large numbers of systems. These administrators tend to use inconsistent security controls that leave organisations without any inventory or regular review of SSH trust relationships.


• Just 29% of respondents rotate keys on a quarterly or more frequent basis. Thirty-six percent say they don’t rotate keys at all or only do so occasionally. Attackers who gain access to SSH keys will have ongoing privileged access until keys are rotated.


Leo Taddeo, CISO Cyxtera


A recent survey by Venafi into how financial services organisations manage and implement Secure Shell (SSH) showed that even in the handling of cryptographic credentials such as SSH keys, the lessons of sloppy management are not being learned. One hundred IT security professionals from the financial services industry participated in the study, which reveals a widespread lack of SSH security controls.


According to Venafi’s research, even though SSH keys provide the highest levels of administrative access, they are routinely untracked, unmanaged and poorly secured. For example, 69% of respondents from the financial services industry admit they do not actively rotate keys, even when an administrator leaves their organisation. This allows the former employee to have ongoing privileged access to critical and sensitive systems.


“Cyber criminals can leverage compromised SSH keys to gain elevated access to servers and perform nefarious activities, all while remaining undetected,” said Nick Hunter, senior technical manager for Venafi. “Also, they know that a single SSH key will often be copied across hundreds or thousands of systems.


“Cybercriminals can use compromised keys to move throughout a financial services organisation, creating additional backdoors and setting up beachheads for their operations.”


www.ibsintelligence.com | © IBS Intelligence 2018


• 39% of respondents say they do not enforce “no port forwarding” for SSH. Because port forwarding lets users effectively bypass the firewalls between systems, a cybercriminal with SSH access can rapidly pivot across network segments.


• Nearly a third (31%) of respondents say SSH entitlements are not featured in their Privileged Access Management (PAM) policies and are rarely audited. Without proper auditing and effective SSH security policies, fundamental SSH weaknesses can go undetected, leaving financial services organisations vulnerable to a wide range of cybersecurity attacks.
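Three of the findings above (no inventory of SSH keys, a single key copied across many systems, and port forwarding left unrestricted) can be checked from the `authorized_keys` files themselves. The script below is an added illustration written for this article; it is not Venafi’s tooling and not part of the IBS Intelligence report. It builds an inventory keyed by SHA256 fingerprint (the format `ssh-keygen -lf` prints), reports keys that are authorised on more than one host or account, and flags keys whose options do not restrict port forwarding. The `authorized_keys` contents and the key blobs are constructed sample data, not real keys; the host and user names are placeholders.

```python
from __future__ import annotations

import base64
import hashlib
import re

# Constructed sample input (not real keys): the authorized_keys contents gathered
# from three hosts, keyed by "host:user". The base64 blobs are dummy bytes, which is
# enough to exercise parsing and fingerprinting.
def _blob(label: str) -> str:
    return base64.b64encode(label.encode()).decode()

SAMPLE_AUTHORIZED_KEYS = {
    "web01:deploy": [
        f"ssh-ed25519 {_blob('key-A')} deploy@ci",
        f'restrict,command="/usr/local/bin/deploy.sh" ssh-ed25519 {_blob("key-B")} deploy-hook',
    ],
    "web02:deploy": [
        f"ssh-ed25519 {_blob('key-A')} deploy@ci",
    ],
    "db01:root": [
        f"no-port-forwarding,no-agent-forwarding ssh-rsa {_blob('key-C')} dba@laptop",
        f"ssh-ed25519 {_blob('key-A')} deploy@ci",  # the CI key again, this time as root on a database host
        "# comment line, ignored",
    ],
}

# An authorized_keys line is: [options] key-type base64-blob [comment].
# Options are matched lazily up to the first whitespace-delimited key type.
KEY_LINE = re.compile(
    r"(?P<opts>.*?)(?:^|\s)"
    r"(?P<type>ssh-(?:rsa|ed25519|dss)|ecdsa-sha2-nistp(?:256|384|521)|sk-[\w@.-]+)\s+"
    r"(?P<blob>[A-Za-z0-9+/=]+)\s*(?P<comment>.*)$"
)


def fingerprint(blob_b64: str) -> str:
    """SHA256 fingerprint as printed by `ssh-keygen -lf` (base64, '=' padding stripped)."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def option_names(opts: str) -> set[str]:
    """Option names from the options prefix; quoted values (which may contain commas) are blanked first."""
    unquoted = re.sub(r'"[^"]*"', '""', opts)
    return {o.split("=", 1)[0].strip().lower() for o in unquoted.split(",") if o.strip()}


def forwarding_restricted(opts: set[str]) -> bool:
    """True if this key cannot open port forwards.

    `no-port-forwarding` disables it directly; `restrict` (OpenSSH 7.2+) disables
    forwarding and other features unless `port-forwarding` re-enables it.
    """
    return "no-port-forwarding" in opts or ("restrict" in opts and "port-forwarding" not in opts)


def build_inventory(files: dict[str, list[str]]) -> dict[str, dict]:
    """Map each key fingerprint to where it is authorised and where forwarding is unrestricted."""
    inventory: dict[str, dict] = {}
    for location, lines in files.items():
        for raw in lines:
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            match = KEY_LINE.match(line)
            if match is None:
                continue  # malformed line; sshd would ignore it too
            fp = fingerprint(match.group("blob"))
            entry = inventory.setdefault(
                fp, {"type": match.group("type"), "comment": match.group("comment"),
                     "locations": [], "unrestricted_at": []},
            )
            entry["locations"].append(location)
            if not forwarding_restricted(option_names(match.group("opts"))):
                entry["unrestricted_at"].append(location)
    return inventory


def findings(inventory: dict[str, dict]) -> tuple[dict[str, list[str]], dict[str, list[str]]]:
    """Return (keys shared across locations, keys with forwarding unrestricted somewhere)."""
    shared = {fp: e["locations"] for fp, e in inventory.items() if len(e["locations"]) > 1}
    unrestricted = {fp: e["unrestricted_at"] for fp, e in inventory.items() if e["unrestricted_at"]}
    return shared, unrestricted


if __name__ == "__main__":
    inv = build_inventory(SAMPLE_AUTHORIZED_KEYS)
    shared, unrestricted = findings(inv)
    for fp, where in shared.items():
        print(f"SHARED      {fp} ({inv[fp]['comment']}) authorised at: {', '.join(where)}")
    for fp, where in unrestricted.items():
        print(f"FORWARDING  {fp} ({inv[fp]['comment']}) unrestricted at: {', '.join(where)}")
```

In a real deployment the input would be the `authorized_keys` files collected from each host (and the fingerprints compared against the HR leaver list to catch the 69% case above). Per-key options only restrict forwarding for that key; the host-wide equivalent is `AllowTcpForwarding no` in `sshd_config`, which is the control the 39% finding refers to.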


In 2017 the volume of credential exposures dramatically increased to 16,583 from April to July 2017, compared to 5,275 in 2016. In all, 77% of the FTSE 100 were exposed, with an average of 218 usernames and passwords stolen, published or sold per company. In most cases, the loss of credentials occurred on third-party, non-work websites where employees reuse corporate credentials.


In May 2017, more than 560 million login credentials were found on an anonymous online database, including roughly 243.6 million unique email addresses and passwords. A significant number of credentials linked to FTSE 100 organisations were still left compromised over three months after the discovery. This failure to remediate and secure employee accounts means that critical business content and personal consumer information held by the UK’s biggest businesses have been left open to sustained cyber-attacks. The report, The FTSE 100: Targeted

