Posts Tagged :


Top 10 Cyber Security Predictions for 2021

960 640 Guest Blog

Looking forward to 2021, Fujitsu expects challenges to persist as organisations look to ensure their remote workforces’ security and productivity. It also expects a reset in the attitudes towards risk as organisations grapple with the dilemma of tackling new challenges with lower security budgets and anticipate the increased use of new technologies to open new security vulnerabilities.

The next 12 months will undoubtedly have its challenges. Still, organisations that are aware of these risks and take steps to mitigate their impact will be well-positioned to secure future growth in what is likely to be another interesting year.

Fujitsu’s Head of Enterprise and Cyber Security, Fiona Boyd’s top 10 cyber security predictions:

1)     Working from home has increased the attack surface

The proliferation of working from home has forced many organisations to expedite their digital strategies.

Employees have been forced to change their working habits and patterns, as many people are now working from home. This increases the so-called attack surface for any company – mainly if employees use personal devices to connect to corporate resources, since these may not have an enterprise-class level of protection. Spear-phishing emails, in particular, increase the threat to organisations. These often follow traditional attack profiles in terms of initial reconnaissance via social media before any attempt is made to compromise a user’s credentials. The end state is a crafted, targeted email. Increasingly, these emails appear to be more credible.

As home working looks set to continue, organisations should make sure employees are educated and alert for phishing emails.

2)     Success requires finding the right balance between security and user experience

The global pandemic has changed user behaviour in terms of how we are communicating, working, consuming, and spending our free time. This creates new requirements for the services we use. One common theme to all these changes and new demands is that all require our digital identities.

The sophistication of how organisations use, manage, and protect identities has not yet reached the so-called new normal. For many, this means that security controls surrounding identities still have a negative impact on user experience. Users find security to be complicated, cumbersome, and time-consuming. Consequently, frustration often results in users abandoning a service or bypassing security controls. The winners in the new normal will be those able to adapt to these new requirements and provide a strong user experience in a secure and trusted way.

3)     Risk appetites must be re-evaluated

Many security teams will enter 2021 with reduced budgets due to the impact of COVID-19.

This will require careful evaluation of spending priorities and will necessitate hard choices about which investments to cut. This will mean firms cannot evolve their security posture in line with changing security threats. Consequently, they will have to accept a higher risk that complex attacks will be successful and go undetected for longer.

4)     New life for ransomware attacks

Ransomware attacks are set to grow in scale and sophistication throughout the next year.

We are already seeing increasing numbers of attacks on previously untapped market sectors, such as healthcare. The nature of the damage of a ransomware attack is also changing. We see an increase in extortion in terms of the number of attackers threatening to release stolen data into the public domain (also known as Doxxing) rather than simply locking it away.

To compound these issues, we expect to see greater use of AI technology in ransomware attacks, as attackers seek to launch increasingly sophisticated, coordinated attacks to evade today’s detection measures. AI will be part of the problem. It also offers part of the solution, as it continues to develop greater capabilities to detect and flag suspicious behaviour.

5)     The age of disinformation attacks

The pandemic has had a significant impact on everyone and disrupted our social and work lives.

There has been one constant throughout: cybercriminals leveraging current topical themes, such as the UK’s withdrawal from the EU, elections and COVID-19. At their core, criminals are launching social engineering attacks designed to take advantage – and even create – panic and fear. In 2021, we will see new themes used to target businesses and individuals, focusing on pandemic-related topics such as mandatory vaccines, health passports, mass testing, and lockdowns. We anticipate a lot of disinformation on these topics. With the desire of many to return to post-pandemic normality, we expect multi-vector attacks built on these themes from both criminal gangs and nation-states. Some countries are already testing the use of machine learning to defend against disinformation campaigns.

6)     Security compromised while privacy preserved

DNS over HTTPS is set to become a common attack vector.

This has become a standard feature of mainstream web browsers such as Google Chrome, Mozilla Firefox, and Microsoft Edge. Effectively, this means security controls cannot analyse website requests. On the surface, this is a viable development in terms of user privacy. However, many cyber security attacks rely on access to an external website to retrieve malicious files as part of a multi-stage attack. DNS over HTTPS encrypts these requests, meaning that these requests are masked from security controls, and giving an attacker the upper hand before cyber defenders can react and respond.

Organisations should carefully evaluate whether to enable this feature on corporate devices and consider the new office dynamic, with an increasing number of workers connecting from home on personal devices to corporate infrastructure and services, increasing the opportunity for this attack type.

7)     5G will rapidly open more potential vulnerabilities

As 5G technology matures and telcos continue to roll out 5G networks, security concerns will also increase.

Among others, these will stem from an endless stream of insecure IoT devices that manufacturers are rushing to market, as well as the security requirements of critical national infrastructures. 5G security is and will remain a national security concern. It will increase enterprises’ need to revisit their security strategy for using public and untrusted mobile networks.

Organisations cannot ignore the opportunities that 5G provides. Nevertheless, to ensure their safety, they should adopt a secure-by-design mindset when exploring how to use 5G networks best.

8)     Security concerns for the Internet of Behaviours

As we develop new remote ways of going about our everyday business during the pandemic, the world is now connected more than ever.

The Internet of Things (IoT) has driven innovation in every area of life, including connected homes, internet-enabled and autonomous cars, health monitoring via smartwatches, and even the testing of drones to deliver our online shopping. However, the IoT exploded without a robust security framework. The proliferation of attacks meant that the privacy of CCTV cameras and some other IoT devices was compromised in huge DDoS attacks. 5G will accelerate the potential for the use of connected devices to track individuals’ everyday behaviour, observe where we go, who we see, where we shop, what we buy – and even to use facial recognition to work out our identity. 

This innovation must be coupled with robust data privacy controls, which should be evaluated up front rather than as an afterthought, so we can trust that the same data is not used nefariously and targeted by threat actors.

9)     Hitting where it hurts

Attacks that target characteristics specific to certain industries will continue to present more significant opportunities.

The number of attacks on connected cars has risen sharply in the last year, while in the manufacturing and utility sector, Operational Technology (OT) systems have seen a quadruple figure percentage increase in attacks. The targeting of these technologies is growing because they have less mature security controls. Many can directly impact an organisation’s operations. We expect this trend to continue in 2021.

On the positive side, we expect more organisations to recognise the value of cloud computing as a reliable means to deliver OT security to locations where it is not practical or feasible for a physical deployment.

10)  Cloud-centric does not equal threat free

Multi-layered cloud protection will take on new importance in 2021.

As organisations move toward a cloud-centric future, there will be continued disruption attempts for monetary, intellectual property, or political gain. In the first half of 2019, Netscout reported 4.8 million DDOS attacks. Ransomware attacks were also up 50% in Q3, according to data from Check Point. Such attacks can cripple businesses in very short timeframes, and the financial impact has seen companies willing to pay a ransom for their data or bring their services back online.

This trend is a cause for concern, and multi-layered cloud protection should be a focus area for many businesses in 2021 as they balance digitalisation and security.

Fujitsu reveals 12 days of Christmas security predictions

960 640 Guest Blog

By Rob Norris, VP Head of Enterprise & Cyber Security EMEIA, Fujitsu

Marked by a shortage of cyber security talent and attackers willing to exploit any vulnerability to achieve their aims, this year emphasised the need for organisations to invest in security and understand their risk posture.

With the number of vendors in the cyber security market rapidly growing, rising standard for managing identities and access, and organisations investing more in security tools, 2020 will be a transformational year for the sector. 

We anticipate that 2020 will be a positive year for security, and encourage public and private sector to work together to bring more talent to the sector and raise the industry standards. As the threat landscape continues to expand with phishing and ransomware still popular, so will the security tools, leaving organisations with a variety of solutions. Next year will also be marked by a rush to create an Artificial Intelligence silver-bullet for cyber security and a move from old-fashioned password management practices to password-less technologies.

As cyber criminals continue to find new ways to strike, we’ll be working hard to help our customers across the world to prepare their people, processes and technology to deal with these threats. One thing to always keep in mind is that technology alone cannot stop a breach – this requires a cultural shift to educate employees across organisations about data and securitygovernance. After all, people are always at the front line of a cyber-attack.

In light of this, here are“12 Days of Christmas” security predictions for the coming year:

1.     A united front for cyber security talent development 

The shortage of cyber security talent will only get worse in 2020 – if we allow it to.

The scarce talent pool of cyber security specialists has become a real problem with various reports estimating a global shortage of 3.5 million unfulfilled positions by 2021. New approaches to talent creation need to be considered. 

The government, academia, law enforcement and businesses all have a part to play in talent identification and development and will need to work collaboratively to provide different pathways for students who may not ordinarily be suited to the traditional education route. Institutions offering new cyber security courses for technically gifted individuals are a great starting point, but more will need to be done in 2020 if the shortage is to be reduced. 

2.     Cloud adoption expands the unknown threat landscape

It will take time for organisations to understand their risk posture as the adoption of cloud services grows.

While the transition to cloud-based services will provide many operational, business and commercial benefits to organisations, there will be many CISO’s working to understand the risks to their business with new data flows, data storage and new services. Traditional networks, in particular, boundaries and control of services are typically very well understood while the velocity and momentum of cloud adoption services leaves CISO’s with unanswered questions. Valid concerns remain around container security, cloud storage, cloud sharing applications, identity theft and vulnerabilities yet to be understood, or exposed. 

3.     The Brexit effect

Brexit will have far-reaching cyber security implications for many organisations, in many countries.

The UK and European markets are suffering from uncertainty around the UK’s departure from the European Union, which will affect the adoption of cyber security services, as organisations will be reticent to spend until the impact of Brexit is fully understood. 

The implications of data residency legislation, hosting, corporation tax, EU-UK security collaboration and information sharing are all questions that will need to be answered in 2020 post-Brexit. There is a long-standing collaborative relationship between the UK and its EU counterparts including European Certs and Europol and whilst the dynamics of those working relationships should continue, CISO’s and senior security personnel will be watching closely to observe the real impact. 

4.     SOAR revolution

Security Orchestration, Automation and Response (SOAR) is a real game-changer for cyber security and early adopters will see the benefits in 2020 as the threat landscape continues to expand.

Threat intelligence is a domain that has taken a while for organisations to understand in terms of terminology and real business benefits. SOAR is another domain that will take time to be understood and adopted, but the business benefits are also tangible. At a granular level, the correct adoption of SOAR will help organisations map, understand and improve their business processes. By making correct use of their technology stack and associated API’s early adopters will get faster and enhanced reporting and will improve their security posture through the reduction of the Mean Time To Respond (MTTR) to threats that could impact their reputation, operations and bottom-line. 

5.     Further market fragmentation will frustrate CISOs 

The number of vendors in the cyber security market has been rapidly growing and that will continue in 2020, but this is leading to confusion for organisations.

The cyber security market is an increasingly saturated one, often at the frustration of CISO’s who are frequently asked to evaluate new products. Providers that can offer a combined set of cyber security services that deliver clear business outcomes will gain traction as they can offer benefits over the use of disparate security technologies such as a reduction in contract management, discount provisioned across services, single point of contacts and reduction in services and technologies to manage. 

Providers that continue to acquire security technologies to enhance their stack such as Endpoint Detection and Response (EDR) or technology analytics, will be best positioned to provide the full Managed Detection and Response (MDR) services that organisations need. 

6.     Artificial Intelligence (AI) will need real security

2020 will see a rise in the use of adversarial attacks to exploit vulnerabilities in AI systems.

There is a rush to create an AI silver-bullet for cyber security however, there is currently a lack of focus on security for AI. It is likely we will see a shift towards this research area as “adversarial” approaches to neural networks could potentially divulge partial or complete data points that the model was trained on. It is also possible to extract parts of a model leading to intellectual property theft as well as the ability to craft “adversarial” AI which can manipulate the intended model. Currently, it is hard to detect and remediate these attacks. 

There will need to be more focus on explainable AI, which would allow for response and remediation on what are currently black-box models.

7.     Organisations will need to understand how to make better use of security tools and controls at their disposal

Customers will need to take better advantage of the security measures that they already have available.  

The well-established cloud platforms already contain many integrated security features but organisations are failing to take advantage of these features, partly because they do not know about them.  A greater understanding of these features will allow organisations to make smarter investment decisions and we expect to see a growing demand for advice and services that allow organisations to optimally configure and monitor those technologies to ensure they have minimal risk and exposure to threats.

Fujitsu predicted last year that securing multi-cloud environments will be key going forward and organisations continue to need to find a balance of native and third-party tools to drive the right solution for their objectives.  

8.     Do you Wannacry again?

The end of support for Windows Server 2008 and Windows 7 will open the door for well-prepared attackers.

January 2020 sees the official end of support life for all variants of Windows Server 2008 and Windows 7, which share elements of the same code base. This means that both end-user devices and data center servers will be equally vulnerable to the same exploits and opens the possibility that organisations could be susceptible to attacks that cause large outages.

In 2017, Wannacry surfaced and caused some well-publicised outages including well-known organisations from across the healthcare, manufacturing, logistics and aerospace industries.  Microsoft had released patches two months before and recommended using a later version of the impacted components. We also learned in 2017, via Edward Snowden, that nation-states have built up an armoury of previously undisclosed exploits. These exploits are documented to target the majority of publicly available Operating Systems and so it stands to reason that cyber criminals could have also built a war chest of tools which will surface once the end of vendor support has passed for these Operating systems.  

9.     Rising the standard for managing identities and access

Federated Authentication, Single Sign-On and Adaptive Multi-Factor will become standard, if not required, practices in 2020.

2020 will see organisations continuing their adoption of hybrid and multi-cloud infrastructures and a ‘cloud-first’ attitude for applications.  This creates the challenge of managing the expanding bundle of associated identities and credentials across the organisation.

Identities and associated credentials are the key attack vector in a data breach – they are ‘keys to the kingdom’.  Without sufficient controls, especially for those with privileged rights, it is becoming increasingly difficult for organisations to securely manage identities and mitigate the risk of a data breach.  Capabilities such as Federation Authentication, Single Sign-On and Adaptive Multi-Factor address the challenge of balance between security and usability, and we see this becoming standard, if not required, practice in 2020.

10.  Extortion phishing on the rise

Taboo lures enhanced phishing and social engineering techniques will prey on user privacy.

We are seeing an increase in a form of phishing that would have a recipient believe their potentially embarrassing web browsing and private activity has been observed with spyware and will be made public unless a large ransom is paid.

Since their widespread emergence last year, the techniques used by these extortionists to evade filters continue to develop. Simple text-only emails from single addresses now come from ‘burnable’ single-use domains. Glyphs from the Cyrillic, Greek, Armenian and extended Latin alphabets are being used to substitute letters in the email to bypass keyword filters and Bitcoin wallets are rotated often and used to associate a recipient with a payment. 

The psychological tricks used in the wording of these emails will develop and likely aid their continued success.

11.  Passwords become a thing of the past

We will see increasing adoption of end-to-end password-less access, especially in scenarios where Privileged Access Management (PAM) is required.

Next year we will see a move from old-fashioned password management practices to password-less technologies. The increasing number of cases where privileged credentials and passwords are required, but are painful to manage in secure and cost effective, way will drive this shift. Passwords are easy to forget and the increasing complexity requirements placed upon users increases the chances of passwords having to be written down – which is self-defeating.  Biometric technologies and ephemeral certificates will provide a more secure and user-friendly way to manage credentials and ensure assets and data are kept secure. 

12.  Ransomware not so random

As more organisations employ negotiators to work with threat actors, ransomware is likely to decrease next year.

In 2019, we observed a shift in the way certain ransomware ransom notes were constructed. Traditionally, ransomware notes are generic template text informing the victim that their files are encrypted and that they must pay a set amount of Bitcoin in order to have their files unencrypted.

When threat actors successfully deploy ransomware network-wide and achieve other deployment objectives, they inform their victims their files are encrypted. Crucially, however, they do not reveal the price they demand for their decryption. Instead, threat actors seek to open a dialogue with the victim to discuss a price. This change has seen organisations employ negotiators to work with threat actors on managing and, hopefully, reducing the demand and we expect this to continue in 2020.

Image by 4924546 from Pixabay 

Fujitsu expands PalmSecure biometric security offering

960 640 Stuart O'Brien

Fujitsu has revealed a new, extended range of PalmSecure-based biometric security solutions that it claims ‘consigns passwords to history’.

Available immediately to customers in Europe, the Middle East, India and Africa, the expanded Fujitsu PalmSecure offering comprises four main elements: Fujitsu Biometric Authentication PalmSecure ID Engine; ID GateKeeper; ID LifePass; and ID Login V2 for access to client computing, physical access to buildings or data centres and to all kinds of applications via an Application Programming Interface (API). 

Fujitsu says the new offering enables customers to benefit from a broad range of password-free biometric authentication applications.

PalmSecure enables organisations to ‘step up to the highest level of biometric security’, while increasing convenience for users and avoiding costly service desk interactions to reset forgotten passwords. Integration capabilities allow customers to build ultra-secure biometric control into solutions for physical access to buildings and devices, as well as logical access to specific applications and services.

Based on a new central matching server, it enhances security by eliminating the need for multiple user enrolment across different locations, devices, applications or services. Integration with various kinds of applications and equipment is facilitated using an Application Programming Interface (API), extending biometric ID to use cases from data centre entry to user credentials for industrial machinery, to single sign-on (SSO).

The contactless PalmSecure authentication system uses biometric technology developed based on Fujitsu’s more than two decades of image recognition experience and incorporates technology from BioSec Group to authenticate users based on the unique pattern of their palm veins. Vein patterns are unique to individuals and contain detailed characteristics, allowing a template to be formed for each user.

Oliver Reyers, Head of Biometrics at Fujitsu in EMEIA, said: “Biometric ID and palm vein technology in particular are lifting IT security to a higher level. There’s no need to remember – or regularly change – complex passwords, and this makes it so much more convenient for users to access secure assets and applications. Fujitsu has applied the principle of simplicity to solution development and deployment. This has resulted in an expanded portfolio of biometric security solutions, which make it easier for organisations to implement biometric identification. Fujitsu’s PalmSecure biometric recognition algorithm delivers ultra-low false acceptance rates, while central enrolment processes ensure that users can’t bypass security simply by creating multiple IDs.”

Péter Györgydeák, CEO at Biosec, added: “Until now, biometric technologies have been the unsung hero for enterprises, despite their high levels of user acceptance, and the fact that it’s almost impossible to ‘lose’ your biometric ID – which means a dramatic reduction in helpdesk calls for password resets. By teaming up with Fujitsu, we have a joint opportunity to help biometrics reach their full potential in the workplace. The new expanded PalmSecure portfolio puts biometric ID within reach of just about any use case, and makes great financial sense for any organisation that’s serious about security.”

Image by NeiFo from Pixabay