LATEST BLOG POSTS
Cyberattacks: a matter of war or disruption?
Cyberattacks are a threat to national security. However, describing them as war is highly problematic. Critics of this stance often argue that armed conflict has been becoming virtual. They say that violence in post-modern conflicts has decreased, replaced by other forms of violence such as cyberattacks. However, war is a distinct activity with a particular nature. It is organized violence carried out by political units. Most cyberattacks are a type of non-military activity that falls under the broad banner of “strategy” or “grand strategy.” In other words, when sponsored by states, they may serve military activity as much as diplomacy does. Cyberspace is the fifth domain of conflict, entirely constructed by humanity. It is intangible and, in very few cases, can be associated with physical destruction. The vast majority of cyberattacks is to be better understood as a form of sabotage rather than of war. Read more on blog! Cyberattacks: defining war. First, to determine whether cyberattacks maybe fall under the category of war, one should define it. In a purely technical sense, war is a matter of organized violence. Who carries out it is states. Then, informal groups carrying out warfare-like activities such as terrorism do not carry out war. State-sponsored groups usually carry out cyberattacks, although not all can be attributed to them. To qualify something like war, moreover, damage should be extensive. To date, one cyberattack that hitting the Iranian nuclear infrastructure led to limited physical destruction. Cyberattacks: war or disruption? Once defined war, we may now understand whether we can refer cyberattacks as proper war acts. First, a typology of cyber offensive activity, called cyberwarfare, may fall under the definition of war. Indeed, cyberwarfare may refer to “the use of digital attacks to attack a nation, causing comparable harm to actual warfare and/or disrupting the vital computer systems.” However, this definition does not define the actual agent. Indeed, one may ask: “which is the origin of the threat?” A state or a state-sponsored actor? Be careful with the answer. As far as international law is concerned, saying one or the other is a huge difference. When state-sponsored, cyberattacks, and even cyberwarfare, may not qualify as acts of war. On the other hand, it may be challenging to hold accountable a state for cyber offensives such as cyber espionage or disruption. Conclusion To conclude, defining cyberattacks as acts of war is such a complex matter. This blog has shown that the answer to that question is not as straightforward as it may seem. In actual fact, no wars have originated from cyber attacks so far. It isn’t easy to point a finger towards a state regarding accountability. Finally, cyberattacks are illegal themselves, but they lay in a grey area as espionage does: they do not seem enough to provoke a war, although they may serve military actions.
Smartworking: how to mitigate cyber risks
Smartworking is a fertile ground for cyber threats and criminals. As steps to counter the coronavirus outbreak take effect, millions of workers across the globe have been sent home with their laptops many times. Cybercrime is a silent actor that attempts to exploit the vulnerabilities of remote working. Indeed, remote workers can potentially present a number of cybersecurity risks to organizations, and cybercriminals are finding more ways to exploit these weaknesses. With remote work, indeed, attack surfaces are be multiplied. As users we should not never let the guard down. A combination of procedures, tips, precautions, and training could mitigate risks to a great extent. Read more on our blog below! #infosec #awareness #cybersecurity #cyberthreat #cyber #threats Smartworking: computer setting up When smartworking, the golden rule says that organizations should provide hardware and software to their dependents. In actual fact, indeed, that during the pandemic the world has registered a surge in cyberattacks. If this is not possible and an organization plans or employees to use their own equipment, make sure that everything they use is up to the job. This is what often happens with small or micro enterprises, worried for soaring costs. In any case, bigger enterprises should always give employees the appropriate and secure working tools. Let’s explore what those that cannot afford IT equipment for their employ First of all, as employer you should check that your employees’ hardware and operating system are enough secure for your type of activity. Make sure for instance that for installing and running the software your people will use. Also, if the machine they will be using is underpowered, users may struggle to run multiple business applications at once. Do not forget that this is the very last option to undergo, however. Private hardware often lacks necessary hardening and security to protect work and sensitive business data from intrusion and violation. Finally, you should take similar precautions with your mobile equipment. No ‘shadow’ IT! A considerable share sensitive enterprise data goes to the cloud in high or medium risk applications, not approved by their employers. This practice refers to the term ‘shadow IT’, whereby staff start using software for business purposes that IT department has not checked. Failure to outline the tech equipment they need, along with a whitelist of approved software poses a great risk. For instance, it could pave the way to adoption of apps that are vulnerable to exploits. The pandemic has induced many businesses to perform collaboration, team management and communication software for the first time. Then, IT has the duty to ensure that deployed apps have end-to-end-to-end encryption, multifactor authentication and a good operational reputation. Finally, businesses should provide secure connection. VPNs could secure connections from domestic router. Routers firmware should be updated to the latest version. Switching off WPS could enhance its security, too. Conclusion : concluding remarks and other suggestions. In conclusion, we have briefly outlined some suggestions that business could use to secure their employees when smartworking. We also have additional suggestions. Remember that company security policies still apply even at home. Downloading forbidden and unsecure apps is not option. Do not visit off-limits websites too. Secondly, make sure your passwords are strong. Two-factors identification is a great tool that could secure apps and accounts from unwanted access. Also use a combination of letters, numbers and symbols when setting passwords. And do not forget to change them regularly. Last but not least, be aware of phishing. Have received an email from a delivery company urging to click on a link for something you have not ordered? This is a scam, do let them in your device, then!
Erecting an IT fortress: strategies for resilience
Erecting an IT fortress is an urgent need these days. Facing the surge in cyber-attacks of these times, companies will need to adopt new strategies, procedures and technologies to become more resilient to the onslaught of cybercrimes. The pandemic has shown how vulnerable many organizations are to organized malicious actors. Meanwhile, the increasing weight of digital transformation has increased the number and the extent of disruption that could occur. Indeed, being IT-resilient means keeping to a minimum any type of disruption and downtime and ensuring service continuity. Looking for an increased resilience, IT teams are re-evaluating their shortcomings and processes when it comes to building their organizations’ security infrastructure. Approaches and strategies to increase IT security such as cloud and automation offer a wide range of options. Find out more on our blog, then. Erecting an IT fortress: continuous availability First of all, the main objective of a resilient IT architecture is an ‘always-on’ customer experience. Regardless of planned or unplanned changes in the infrastructure. In brief, continuous availability keeps customers connected to their data and applications. Basically, this is having backup power or a generator for your IT. Furthermore, continuous availability means that whatever happens, be it a cyberattack, flood or planned outage, your work and network stay ‘on’ and protected against disruption. Are backups enough? They have been an important part of any IT strategy for years. Copying data and applications to store offsite allows recovery of data no matter what happens to the production environment. You should know that there are backups and backups, however. Indeed nowadays, most backup technologies are out-of-dated. For instance, many periodic backups only providing snapshots in time are not compatible with demands for recovery point objectives (RPOs) of seconds. Also, they do not work with recovery time objectives (RTOs) of minutes. Multi-Cloud Cloud technology would benefit IT resilience to a great extent. Indeed, mplementing a multi- and hybrid-cloud strategy enables businesses to accelerate operativity. Also, other advantages include the freedom to choose your own cloud and the ability to move to, from, and between clouds. Be wary though. Choosing the right cloud system is critical. Each cloud service offers different services and features that may be better suited to specific applications. Adopting a multi-cloud strategy assures the best levels of performance, response time and throughput for each application. Finally, multi-cloud tech is convenient because it offers modularity to a great extent. Conclusion: erecting an IT fortress In conclusion, these elements will ensure your organization will likely withstand any disruption. Combination of these factors with good analytics would give organizations have the what they need to drive innovation and resilience in their IT infrastructure. Do not forget, finally, that regular patching and keeping software up-to-date. As much as 60% of data breaches relate to failure to undergo consistently these activities.
Cybercrime: how can we all deal with it?
One of the biggest dilemmas in cybersecurity is the following: “Can we avoid cybercrime?” After all, online identity theft and fraud, hackers, ransomware cyber-attacks, phishing, and other scams are a threat to all of us. However, there is no Manichean answer to question. As businesses, leaders, individuals, entrepreneurs, and #security experts, we cannot stop cyber threats forever, even if united. Surely, prevention and mitigation may help in tackling cybercrime. As the Telsy family would say, indeed, “security is not the absence of threats, it’s the ability to detect them and take action before it’s too late”. Worldwide, the malicious activity of cybercriminals costs organizations and individual internet users billions every year. You might say that it doesn’t matter to you as you’re not a big cheese in the world. We think this is a big mistake. On the net, individuals save data on their computers that is potentially profitable for scammers. In short, you are their core business. Society should take action, therefore. Keep reading to protect your data and privacy on our blog, then! How to avoid cybercrime The cyber definition relates to the field of digital technology, and nowadats cybercrime is often associated with cybercrime A definition of cybersecurity is the integrated protection of internet-connected systems – hardware, software, and data from attacks. Unfortunately, plenty of people are reckless when dealing with cybercrime. A great deal of online users, for instance, use the same password per different accounts. This and similar behavior boots cybercrime. Cybercrime, indeed, employs psychological techniques to induce victims to allow them access. This is what security experts call “the human factor”. Indeed, cyber criminals need your “consent” to harm you. Therefore, they urge you to click on that link on that email that Cybercrime: types of threats Then, there are plenty of tips that can protect you from cybercrime. Hold on for a moment, however. First and foremost, you should be aware of this threat by knowing it. Let’s see the kind of threats you may bump into. Webcam cybercrime refers to the ability web cameras to spy on you when using Trojan horse attacks. For instance, screenshot managers do cybercrime when they make a snapshot of your PC when you click a doubtful link or download a file from a suspicious source. Cybercrime occurs when the ad clickers display ads and motivate you to click them, for example, Criminals attract you by offering gadgets and electronic reviews and let end up with malware instead DDoS disrupt business/e-commerce websites to by directing tons of traffic from numerous sources, and disrupt business operations as a result. There are plenty of other attacks in the modern web world. Other threat include online identity cybercrime. This means that a hacker gets unauthorized access to your personal data. It can happen if you provide somebody with private information when communicating with a scammer via email or by the phone. Scammers can even deliver you a credit card that you’ve never applied for. Conclusion: tips To conclude, we have identified the most common threat. As promised, let’s turn to practical tips, then. We recommend the following: Install a proper antivirus system and update it regularly.Never use the same passwords on several websites. Moreover, use symbols and numbers. Don’t include your name or date of birth. They are easy guess.Use firewalls to prevent unwated traffic.Pay attention to the web camera LED indicators ( this is red on external devices and blue on laptops).Don’t trust stranger offering you IT help or tips, unless they are credible. By doing so, they induce to you let them in and hack you. They can also spy on you remotely.