Monthly Archives: June 2020

WatchGuard report finds two-thirds of malware to be encrypted

WatchGuard Technologies’ latest Internet Security Report shows that 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and that 72% of encrypted malware was classified as zero day, so on that basis would have evaded signature-based anti-virus protection.

These findings show that, without HTTPS inspection of encrypted traffic and advanced behaviour-based threat detection and response, organisations are missing up to two-thirds of incoming threats. The report also highlights the finding that the UK was a top target for cyber criminals in Q1, earning a spot in the Top Three countries for the five most widespread network attacks.

“Some organisations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option,” said Corey Nachreiner, chief technology officer at WatchGuard. “As malware continues to become more advanced and evasive, the only reliable approach towards defence is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”

Malware

Key findings

Other key findings from WatchGuard’s latest Internet Security Report include:

Monero cryptominers surge in popularity Five of the Top Ten domains distributing malware in Q1 (identified by WatchGuard’s DNS filtering service DNSWatch) either hosted or controlled Monero cryptominers. This sudden jump in cryptominer popularity could simply be due to its utility. Adding a cryptomining module to malware is an easy way for online criminals to generate passive income

Flawed-Ammyy and Cryxos malware variants join top lists The Cryxos trojan was third on WatchGuard’s Top Five encrypted malware list and also third on its Top Five most widespread malware detections list, primarily targeting Hong Kong. It’s delivered as an e-mail attachment disguised as an invoice and will ask the user to enter their e-mail and password which it stores. Flawed-Ammyy is a support scam where the attacker uses the Ammyy Admin support software to gain remote access to the victim’s computer

Three-year-old Adobe vulnerability appears in top network attacks An Adobe Acrobat Reader exploit that was patched in August 2017 appeared in WatchGuard’s top network attacks list for the first time in Q1 of this year. This vulnerability resurfacing several years after being discovered and resolved illustrates the importance of regularly patching and updating systems

Mapp Engage, AT&T and Bet365 targeted with spear phishing campaigns Three new domains hosting phishing campaigns appeared on WatchGuard’s Top Ten list in Q1 2020. They impersonated digital marketing and analytics product Mapp Engage, online betting platform Bet365 (this campaign was in Chinese) and an AT&T login page (this campaign is no longer active at the time of the report’s publication)

COVID-19 impact Q1 2020 was only the start of the massive changes to the cyber threat landscape brought on by the COVID-19 pandemic. Even in the first three months of 2020, WatchGuard still saw a massive rise in remote workers and attacks targeting individuals

Malware hits and network attacks decline Overall, there were 6.9% fewer malware hits and 11.6% fewer network attacks in Q1, despite a 9% increase in the number of Fireboxes contributing data. This could be attributed to fewer potential targets operating within the traditional network perimeter with worldwide work-from-home policies in full force during the COVID-19 pandemic

Malware2

Anonymised data

The findings in WatchGuard’s Internet Security Reports are drawn from anonymised Firebox Feed data from active WatchGuard appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. Over 44,000 appliances worldwide contribute threat intelligence data to the report. In Q1 2020, they blocked over 32,148,519 malware variants in total (730 samples per device) and more than 1,660,000 network attacks (38 attacks per device).

The complete report includes key defensive Best Practices that organisations of all sizes can use to protect themselves in today’s threat landscape and a detailed analysis of how the COVID-19 pandemic and associated shift to working from home affected the cyber security landscape.

*To view the full report visit Internet Security Report for Q1 2020

Leave a comment

Filed under Security Matters

Spring Bank Holiday security patrol team in Southend save man’s life

The Spring Bank Holiday on Monday 25 May witnessed a security patrol team from Approved Contractor Scheme-registered Stambridge Security Services save a middle-aged man who was suffering from a potentially life-threatening heart attack at Southend-on-Sea Pleasure Beach.

Security Industry Authority (SIA)-licensed door supervisors Jamie Spiers and Patrick Bourke were on patrol at the Pleasure Beach when they received a call from a colleague at around 2.00 pm stating that there was a male in distress.

It was a busy and hot day. Spiers and Bourke found the unconscious man lying on the beach fully dressed and breathing erratically. He was having a cardiac arrest. Both officers are qualified First Aid trainers and immediately called the Emergency Services who advised that they should start cardiopulmonary resuscitation (ie CPR).

Spiers started chest compressions while Bourke alerted Southend-based Stambridge Security Services’ Control Room staff to ensure that CCTV was capturing everything. The two door supervisors also took it in turns to administer rescue breaths.

SIALogo

Air Ambulance on scene

Spiers said: “Thankfully we were in the right place at the right time. We took turns in helping the man to breathe because it was so tiring. It took about 15 minutes for the paramedics to arrive. We were relentless, consistent and we did not stop. When the Emergency Services arrived they took over and used a defibrillator. The Air Ambulance also came to the scene.”

Once Spiers and Bourke had handed the man over to the Emergency Services, they cordoned off the busy Pleasure Beach. As it was a Bank Holiday, the traffic was very heavy so they directed cars away from the scene to enable the Emergency Services to transport their patient to Southend Hospital.

Three days later, a security operative at Southend Hospital called Spiers such that he could chat to the man whom he and Bourke had saved. He was very thankful.

On that note, Spiers stated: “I’ve been a door supervisor for 12 years and I was born and bred in Southend. Patrick and I have worked together in crowd control and always focus on making sure we can create a safe environment. I’m just glad we could help. Who would have thought that Patrick and I would save a man’s life?”

Critical and key workers

There are upwards of 400,000 licensed security operatives in the UK and, like Spiers and Bourke, many continue to work as critical and key workers in safeguarding and protecting hospitals and sheltered accommodation, supporting social distancing in supermarkets and transacting other essential operations.

Ian Todd, CEO at the SIA, said: “It’s important to remember that many individuals in the security industry are working as critical and key workers during this emergency period. The scenario in which Jamie and Patrick were involved is testament to the fact that, despite the challenges, many operatives and businesses are going the extra mile to serve their communities.”  

The SIA is actively promoting the industry’s dedication and commitment through the #SIAHeroes campaign. The Regulator is sharing inspiring stories of security operatives who are keeping the public safe and secure at this critical time.

*Read all of the #SIAHeroes stories online here

Leave a comment

Filed under Security Matters

Euralarm opens its doors to Associate Members

Prior to organising its Extraordinary General Assembly and following a decision taken by the membership, Euralarm is now opening its doors to Associate Members. Founded back in 1970, Euralarm represents over 5,000 companies within the fire safety and security industry. Collectively, these organisations are valued at 67 billion Euros.

At present, Europe finds itself in a time of change. New technologies, digitisation, new standards and regulations are pointing towards a new era, but life safety and security for European citizens whether at home, at work or travelling throughout Europe are going to remain key considerations.

The fire safety and security industry has a vitally important role to play in keeping Europe a safe place. In relation to this, the work of Euralarm is supported by a broad representation of stakeholders caring for a safe and secure society. That support ensures that Euralarm can contribute towards a safe and secure environment.

Euralarm provides leadership for the fire safety and security industry, offering their expertise to policy-makers and standardisation bodies alike. The organisation proactively supports a European Single Market strategy for the sector. As part of that strategy, and as the only Trade Association in the sector, Euralarm has a local team operational in Brussels.

Until now, the membership of Euralarm was open to national associations and companies who want to tap into the political expertise of the organisation and understand how European Union and local policy is impacting the fire safety and security industry and its markets.

EuralarmAssociateMembership

Seeking new members

Euralarm is now calling upon stakeholders who want to contribute to the move to the next era to join the organisation. Those stakeholders include research organisations, certification bodies, associations, insurance companies and consumer organisations.

Associate membership allows companies to make personal connections with technical and political experts, share expertise on standardisation and be heard and influence standardisation and legislative processes. Stakeholders who become associate members will be kept in touch with the latest trends in regulation and technology and benefit from direct access to a repository of Euralarm documentation produced by members and the professional team resident at the Trade Association.

Associate members are also welcome to network with industry experts during the annual Euralarm Symposium in addition to other focused events.

Associate membership brings with it observer status. There are no voting rights attached or rights to chair a Euralarm Section or Euralarm Committee. Associate members have the right to participate in the activities of the Trade Association and its sections and have access to relevant section and cross-sectional information.

*Organisations interested in joining Euralarm as associate members can send their application in writing to the General Management or visit the Euralarm website at www.euralarm.org for more information

Leave a comment

Filed under Security Matters

Trauma awareness training to be highlighted on Armed Forces Day 2020

On Armed Forces Day 2020, which takes place on Saturday 27 June, the mental health charity PTSD Resolution is going to be highlighting the plight of Armed Forces’ veterans who find themselves in the criminal justice system. Many are suffering from military trauma and are not receiving the therapeutic support that they need to become well again and rehabilitated.
 
The specialist charity works with security companies and myriad organisations, among them ASIS UK, in order to provide therapy for staff who have been traumatised, as well as training for line managers.

On Friday 26 June at 1.30 pm, PTSD Resolution is holding a free webinar entitled ‘Trauma Awareness Training for Everyone’. The TATE Programme helps people to recognise the symptoms of trauma in themselves, their colleagues or members of staff whom they manage. It provides valuable information on appropriate support and routes for both referral and treatment.

PTSDResolutionLogo

The charity has also launched a special film that tells the story of a former HMPS prisoner and veteran of the First Gulf War. Entitled ‘The Silent Years’, the film was produced and donated by students of the Ravensbourne University, namely Shakeel Hussain (editor), Louise Corleys (editor and sound), Poppy Louise Carter (director) and Diana Alexandru (producer).

Addiction and breakdown

Government statistics estimate that approximately 4% of those in custody and on community orders are ex-Armed Forces personnel, but external estimates claim that the proportion in the prison population may be as high as 17%.

In addition to criminality, military trauma when left untreated can result in addiction, family breakdown and even suicide.
 
“The Coronavirus lockdown gives us all some idea of the stress of losing our freedom even if we’re not actually in prison,” explained Patrick Rea, campaign director for PTSD Resolution. “Plenty of veterans find themselves in the criminal justice system. In many instances, this is at least in part because of the effects of military trauma they’re still suffering. If they don’t receive the therapy they need in prison to become better, how can we expect them to re-join society responsibly? This is both a justice system and a humanitarian issue.”

PatrickReaPTSDResolution

Patrick Rea

For its part, PTSD Resolution has provided free mental health therapy to veterans, reservists and their families for eleven years now and taken care of people right across the UK. It’s one of the only providers of specialist help to former Armed Forces personnel while they’re in prison or have alcohol and/or substance abuse problems. Treatment is available through a network of 200 therapists, either online or by telephone during the current lockdown scenario.

Reporting of symptoms

According to research conducted by the British Journal of Psychiatry, among ex-Armed Forces personnel, no less than 17% of those who had been deployed to Iraq and Afghanistan in 2014-2016 reported symptoms suggesting PTSD. Those deployed in a support role such (eg medical, logistics, signals, aircrew) were affected at a rate of 6%, which is 1-2% higher than in the general UK population.
 
Emerging studies are indicating that, following the COVID-19 outbreak, rates of PTSD among those serving as medical key workers or Emergency Services personnel and who have been personally affected by the pandemic are likely to be much higher.

*For further information on PTSD Resolution visit www.ptsdresolution.org

Leave a comment

Filed under Security Matters

Evolution and Zitko Consulting announce resourcing partnership

Integrated fire and security systems business Evolution has entered into an exclusive agreement with Zitko Consulting to manage all of its staff resourcing requirements across engineering, operations and management.

The two companies have been working together successfully for several years now on national and, indeed, international recruitment projects. The new managed service contract will embed a senior Zitko consultant, namely Paul Gooding, into the organisation to provide close support.

Richard Lambert, managing director of Evolution, is looking forward to involving Paul more closely in the strategic business and manpower planning. Lambert explained to Security Matters: “Until now, we’ve expended considerable time and energy working with multiple consultancies. This new arrangement will allow a deeper and more productive collaboration involving a team we’ve come to know and trust.”

RichardLambertEvolutionSecurity

Richard Lambert

Zitko Consulting is a specialist fire and security recruitment consultancy. The firm manages an extensive professional network that not only yields highly sought-after specialists, but also valuable industry insights and market intelligence.

“With the new partnership,” asserted George Zitko (managing director at Zitko Consulting), “we’ll be able to contribute towards the Evolution business far more widely, from salary research and employer marketing right through to building talent pools well in advance of requirement.”

Zitko added: “Evolution is a company we’ve long admired. They’re one of the top integrators, have a fantastic working environment and strong core values with which we we align. The moment you see the classic BMW motorbike in reception you know you’re somewhere special.”

GeorgeZitkoZitkoConsulting

George Zitko

Post Covid-19 momentum is already building for Evolution and one of the priorities for the new partnership will be resourcing skilled project and technical engineers. The first campaigns will be appearing shortly.

Leave a comment

Filed under Security Matters

PAC and GDX name Bill Hobbs as new global head of sales

PAC and GDX has announced the appointment of Bill Hobbs as the new global vice-president of sales for 3xLOGIC and PACOM. Hobbs adds PAC and GDX to his portfolio and will now consolidate sales leadership for these brands across all countries. 

Hobbs’ career spans more than 35 years in the systems integration and physical security industries. Initially a software developer and systems engineer, Hobbs has built multiple systems integration businesses over his career and, for the past 20 years, has headed up technical sales teams across a variety of industry-leading organisations.

BillHobbsPACGDX

Bill Hobbs

“As we continue to evolve our businesses, the key goal remains to provide the best solutions and customer experience across all of our brands,” observed Hobbs in conversation with Security Matters. “I am very pleased to be able to add the strength of the PAC and GDX sales teams to my global sales organisation. This consolidation will expand our capability to provide a fully-layered approach towards securing our customers’ estates and optimising their businesses.”

Jason Sullivan takes up the role of national sales manager for PAC and GDX in the UK and Ireland and will report directly to Hobbs 

Sullivan commented: “Over the next few months we will continue to introduce the 3xLOGIC product line into the UKI and EMEA regions. The addition of the PAC and GDX sales team under Bill’s organisation will further underpin our ongoing efforts to accelerate this product introduction.”

3xLOGIC, PAC, GDX and PACOM are four trusted brands that have a combined longevity of over 100 years in the security industry and can offer solutions ranging from door entry, integrated access control and intruder detection through to video and business intelligence.

Leave a comment

Filed under Security Matters

CHAS makes it easy to locate COVID-19 secure contractors

CHAS, the supply chain risk management expert, has added a Statement of Best Practice (COVID-19) to its member-focused packages designed to assist anyone who engages contractors in immediately identifying whether or not they are COVID-19 secure.

Organisations have had to rapidly adapt their working practices to operate safely during the Coronavirus outbreak and CHAS’ Statement of Best Practice (COVID-19) helps to verify that these adjustments have been made in line with latest Government and sector-issued guidelines.

COVID19

In order for a contractor to qualify as COVID-19 secure they must confirm (and, where appropriate, evidence) that they have taken three key actions which include:

  • Producing and putting into place COVID-19 specific risk assessments, method statements and controls 
  • Sharing the risk assessment with staff (and online for organisations with over 50 employees)
  • Displaying a notice to confirm they have complied with Government guidance

Construction-related businesses must also indicate that they are following COVID-19 Secure Site Operating Procedures as detailed by the Construction Leadership Council.

For contractors to comply, they simply need to login to the contractor portal and upload and submit evidence to show they meet the requirements. Meanwhile, CHAS clients log on to the CHAS Client Portal and they can instantly see whether a contractor has completed the Statement of Best Practice (COVID-19).

For those organisations who are not already CHAS clients, it is quick, easy and completely free to register and includes a range of business benefits, from the ability to easily source compliant contractors by trade and region from a database of over 50 0000 through to the availability of dedicated business services.

CHAS managing director Ian McKinnon informed Security Matters: “We recognise that organisations are looking for reassurance that everyone within their supply chain is operating to the required COVID-19 secure standards, but we also know that it’s extremely difficult for organisations to perform these checks independently, and particularly so while running on skeleton staff. The Statement of Best Practice (COVID-19) makes it easy for CHAS contractors to qualify for work while affording CHAS clients immediate visibility of a contractor’s COVID-19 secure status.”

Leave a comment

Filed under Security Matters

Notting Hill Genesis surveillance upgrade project witnesses Cloudview and Amthal Fire & Security working in tandem

Amthal Fire & Security has been working closely with secure cloud CCTV specialist Cloudview in order to upgrade legacy network surveillance systems and realise smart cloud-based and, importantly, compliant solutions for the benefit of staff and residents involved with Notting Hill Genesis. 

Notting Hill Genesis is one of the largest housing associations in London and the South East, with its head office at Kings Cross and five further site locations requiring high quality protection for more than 1,500 office-based members of staff.

Amthal Fire & Security has been working closely with Cloudview to take responsibility for security maintenance across the office portfolio, alongside ensuring the safety and security of residents housed in both new and existing dwellings.

To ensure efficiency savings, compliance and smart capability when it comes to CCTV, Notting Hill Genesis’ visual data partner Cloudview has supplied its specialist systems for Amthal Fire & Security engineers to install across the office and development network.  The new system removes the need for DVRs and allows authorised personnel instant and secure remote access for the management of evidential footage stored as required in case of a threat or an emergency scenario.

Image Useage

Compliance with the GDPR

Suki Kahlon, office services manager for central services at Notting Hill Genesis, informed Security Matters: “The need to update CCTV systems for ensuring compliance with the General Data Protection Regulation (GDPR) was of paramount importance, both for the Notting Hill Genesis team and also for our residents and their safety. Partnering with Cloudview and, later on, Amthal Fire & Security has been of great benefit. They understand our working environment.”

Kahlon continued: “Both companies operated in such a way as to enable a scalable upgrade programme of works across our office base and various housing developments. Essentially, our ambition is that wherever we have CCTV systems in place, we want to upgrade to the cloud and bring our networks together in a centrally managed visual data infrastructure. The Cloudview solution has been well received by building managers and authorised personnel.”

To date, Amthal Fire & Security’s installation and maintenance teams have completed install works at the head office in Kings Cross and at the West London office in Hammersmith, in addition to new housing development connections.

Visual data

The new surveillance technology is created to offer alerts when instant action is required and based on what’s identified as a threat. Visual data can be accessed anywhere at any time and on any device. It can also be shared immediately and saved for up to 12 months if required, with 30-day delete options as standard in order to comply with the GDPR.

Crucially, the data is only accessible to authorised personnel, all of whom have audit control capability for full compliance.

Stephen Bates, CEO at Cloudview, observed: “Notting Hill Genesis is committed to providing safe and secure communities in which residents can thrive. Equally, the client is very clear on its responsibilities to its team members who are at the heart of these communities. The need for smart surveillance technology that can be centrally managed is integral. We were delighted to offer a solution that could bring these requirements together. With the help of Amthal Fire & Security, we have enabled a seamless installation process between all Notting Hill Genesis’ offices and housing developments.”

NHGCloudview

Phil Bryant, manager of the strategic accounts team at Amthal Fire & Security, added: “At the heart of social enterprise is the overriding need to create homes and communities in which residents want to live, with management taken care of by the dedicated local teams employed by Notting Hill Genesis. The organisation now has smart systems in place to ensure ongoing safety and security.”

Bryant continued: “The Cloudview system installed by Amthal Fire & Security, with both of us operating in constant collaboration, has proven to offer best value and significant efficiency savings that can be maintained to ensure ongoing compliance and simple maintenance plans. It also allows Notting Hill Genesis staff to have a much more reactive and instant approach to any threat identified, thereby affording total peace of mind.”

Leave a comment

Filed under Security Matters

AMG Systems continues expansion drive with appointment of two regional sales managers

Transmission solutions specialist AMG Systems has announced the appointment of Steve Dunning and Rob Kidd as regional sales managers.

Dunning’s new role will see him supporting the North of England and Scotland. His previous security industry experience includes systems integration, manufacturing and, latterly, sales roles at Pro-Vision and EET Europe.

Focused on the adoption and configuration of IP CCTV systems, Kidd’s career has developed by dint of working for companies such as Axis Communications, Anixter and Comnet. Based in London, Kidd’s new role encompasses supporting AMG Systems customers in the South of England and Ireland.

SteveDRobK

“Working closely with installers, system integrators, end users, specifiers and consultants, my focus will be to develop sales and increase the awareness of AMG Systems as a UK manufacturer of environmentally robust Ethernet, wireless and fibre optic transmission solutions,” said Dunning.

Kidd commented: “In short, I will be looking to establish AMG Systems as the UK’s ‘Go To’ manufacturer for industrial transmission equipment, helping to make advanced network configuration simpler for everyone.”

Commenting on the two new regional sales manager appointments, Steve Clarke (AMG Systems’ managing director) explained to Security Matters: “We’re welcoming Steve and Rob to our highly experienced team. AMG Systems is building a solid platform to implement its expanding portfolio of high-performance transmission products. The appointment of the two new regional sales managers will support our drive to deliver first-class customer support across all of the regions in which we operate.”

Leave a comment

Filed under Security Matters