Tag Archives: cyber security

Facial recognition “to open new avenues for smart cities” in 2022

In 2022 and beyond, facial recognition technology will play a key role in the future of global urban development and assist in improving the experience of smart citizens. From personal convenience through to enhanced public safety, the range of applications is wide. That’s the firm belief of facial recognition technology solutions provider Corsight AI.

Using their face as their credit card, members of the public will no longer have to leverage cash for payments or worry about a stolen/lost wallet. A secure biometric system – such as that being pioneered by Amazon Go stores – makes paying for goods or services effortless.  

In terms of security and access, workplaces are beginning to understand the value of the technology as it can enable the seamless flow of people and facilitate the protection of sensitive locations by restricting access to approved visitors only. Spaces such as building sites, maternity wards and Critical National Infrastructure locations can all benefit from this software.

Facial recognition can also be used in smart cities to help identify those at risk. In the case of searching for a missing child or an Alzheimer’s patient, facial recognition technology can significantly speed up the process.

There’s a particular concern right now about the safety of public streets, especially so for women. Facial recognition technology can prove useful for recognising unusual behaviour and identifying and tracking known offenders throughout the city environment. 

Higher standards in 2022

As is the case with any technology, there are potential risks to using facial recognition, such as threats to privacy, violations of rights and potential data theft. These concerns are of significant importance and have even forced the hand of some public and private organisations to limit the use of the technology. This calls for thoughtful Government regulation moving forward and heightened responsibility for facial recognition technology vendors and operators to comply with the rules.

Currently, documents such as the General Data Protection Regulation (GDPR) are in place to set industry standards and provide ways for individuals to protect their personal data – and, by extension, their privacy and other Human Rights – which we’re seeing enforced. 

Although the industry continues to demand greater certainty from lawmakers, it’s evident that Best Practice is emerging from the application of the GDPR and its core principles. The use of Privacy Management Programmes and Data Protection Impact Assessments demonstrates the willingness to protect the data rights of citizens and maintain trust and confidence across our communities. A combination of these policies and their application will continue to ensure facial recognition technology can be used as a force for good. 

Cyber security

As data processing becomes more central to operations in 2022, organisations will need to be more responsive to the evolving cyber threat landscape. For facial recognition technology end users, in particular, securing biometric data will remain a top priority this year.

Cyber criminals are becoming increasingly sophisticated in their methods, and will now typically seek the most sensitive data to hold at ransom. Vendors must therefore implement the most stringent security measures to protect sensitive data and ensure end users are working hard to stay on top of the threat.

Customers will also demand more transparency from organisations about how they’re using their biometric data and how it’s being stored and protected. To garner trust, users of facial recognition technology must be more explicit in its use and set clear measures on individual privacy and data protection.

In 2022 and beyond, Corsight AI expects to see further commitment from policymakers and industry to develop even higher standards that attain levels not seen before. The move towards ‘Trustworthy Artificial Intelligence’, greater regulation and a genuine commitment to Human Rights will support the development of this software such that it can be used as a force for good.

Filed under Security Matters

Schneider Electric launches remote Cyber Risk Assessment service in UK and Ireland

The Cyber Risk Assessment is a non-invasive high-level assessment service performed by Schneider Electric’s cyber security experts that results in the provision of recommendations and a roadmap for achieving a given organisation’s cyber security objectives. The process is completed in less than one week.

With damages from cyber crime expected to reach $6 trillion this year, a small chink in a company’s armour can result in substantial financial and reputational losses in today’s business landscape.

In essence, the new service allows Schneider Electric to remotely assess its customers’ operations and provide them with an understanding of their cyber security risk posture by dint of identifying gaps and key risk areas that need to be remediated.

Schneider Electric has already applied this process to its own Flint smart factory during the digital transformation of the facility, which is over 30 years old.

“Assessing all of the cyber threats a company faces can be a daunting task, but as attacks become increasingly common, firms simply cannot afford to bury their heads in the sand,” explained David Pownall, vice-president of services at Schneider Electric for the UK and Ireland. “We’ve created the Cyber Risk Assessment service to be the first step towards building a reliable and robust cyber security programme. This assessment process should then serve as the starting point when applying cyber security requirements in an operational technology (OT) environment.”

High-level assessment

The Cyber Risk Assessment service is a non-invasive high-level assessment performed by Schneider Electric’s OT cyber security experts. The service aligns to control categories found within industry Best Practice and standards.

To ensure a complete and actionable summary report, Schneider Electric collects information about businesses’ OT systems before conducting interviews. This includes current cyber security policies, cyber programme objectives, applicable standards, existing cyber security tools and technologies. This is all in addition to an OT network diagram, which displays the location of critical assets on the network.

Personnel data is also used, including identifying those personnel most familiar with the OT network layout (ie OT/cyber knowledge) and stakeholders who can answer detailed technical questions regarding the OT equipment and assets used within the customer’s network.

Two-stage process

The Cyber Risk Assessment itself has two key elements to it. The first element is the assessment and report. The second centres on the consultation services to discuss the results in-depth and create a tangible roadmap for the next steps. Areas to be covered here include:

Cyber security assessment

*Documentation review (eg network diagrams, current cyber security policies and programme elements)

*Remote interviews with key OT and cyber security stakeholders

*Cyber security expert analysis identifying key risk areas, gaps and recommended steps for remediation

Schneider Electric will then create a report which provides a starting point to prioritise areas.

Expert consultation

*A deep dive into the results of the cyber security assessment. Schneider Electric’s cyber security experts provide detailed recommendations and step-by-step guidance for the implementation

*Companies can ask Schneider Electric’s experts questions and gain clarifications of the assessment results

*Experts outline a suggested time frame for implementation and budget estimate

*Workshop sessions will define a blueprint for cyber security and prioritise which areas to address

Within the assessment, Schneider Electric’s cyber security experts will conduct controls-related network discussions, including a review of network architecture, ICS system components, cyber security policies and procedures and also physical security procedures.

*Additional information is available online by visiting the Schneider Electric website


Government Actuary’s Department hit by circa 24,740 malicious e-mails per month

The Government Actuary’s Department has been hit by an average of 24,740 malicious e-mails every month. Data obtained and analysed by the Parliament Street Think Tank via a Freedom of Information request has revealed that a total of 74,221 malicious e-mails, including phishing, malware and spam, had been sent to the Government Actuary’s Department across July, August and September this year.

The Government Actuary’s Department provides actuarial solutions including risk analysis, modelling and advice to support the UK’s public sector. The Government Actuary’s Department plays host to circa 200 employees across two offices – in London and Edinburgh – of whom around 165 are actuaries and analysts.

The majority of threats received by the Government Actuary’s Department were spam e-mails, with 38,653 attacks of this nature. In the three-month period under examination, there were also 35,497 phishing attacks and 71 malware or virus e-mails in circulation.

The total number of phishing attacks decreased over the three-month period. In July, a total of 15,233 phishing attacks came through. In August, this number reduced to 12,111 attacks and, come September, the figure lessened once again to a total of 8,153 phishing attacks.

On average, 12,884 spam e-mails were received per month across the three months. These e-mails have the potential to download viruses to staff members’ computers and steal passwords and personal information.

IT infrastructure investment

The Government is investing heavily in its IT infrastructure to the tune of almost five billion pounds on an annual basis. The Department for Business, Energy and Industrial Strategy alone spent almost two million pounds on laptops and smart phones last year. Some 1,216 mobiles were issued to departmental staff in 2020, with 1,557 computers or laptops also part of the mix.

Tim Sadler, CEO and co-founder of Tessian, commented: “The number of phishing attacks that today’s organisations have to deal with is relentless. Phishing is one of the easiest ways for cyber criminals to hack into a company. They just need one distracted or tired employee to miss the cues of an attack in order for it to be successful.”

Sadler continued: “While it’s encouraging to see that the Government is investing heavily in its IT infrastructure to support the workforce, it must also address the issue of whether or not robust security measures are in place to protect employees. In short, the people actually working from the devices. Any failure to do so means that the risk of security incidents caused by human error, such as falling for a phishing scam, will only continue to rise.” 


Gallagher wins 2021 Fortress Cyber Security Award

Global security manufacturer Gallagher has been recognised in the 2021 Fortress Cyber Security Awards as a winner in the Authentication and Identity category for its MIFARE DESFire key migration enhancement. The US award recognises the world’s leading companies and products that are working to keep data and assets safe amid increasing threats from hackers.

Designed in response to the growing sophistication of cyber attacks upon credential security, Gallagher’s MIFARE DESFire key migration enhancement helps organisations to mitigate the risk of card cloning or tampering through the improved management of key encoding used to read card credentials. This intelligent enhancement allows for cardholder credentials to be silently updated with newly defined site-specific keys for a secure and seamless cardholder experience.

“There’s no doubt that cyber crime is evolving rapidly and that this is a growing concern for many organisations around the world,” said Steve Bell, Chief Technology Officer at Gallagher. “What was produced a decade ago may present weaknesses today. This was the basis for developing the DESFire key migration enhancement so that we could give our customers an easy way in which to securely migrate site access control keys.”

As part of its commitment to cyber security, Gallagher’s security solutions are fully authenticated and encrypted to meet global standards, including the FIPS-201 standards in the US, Type 1A in Australia and also the Centre for the Protection of National Infrastructure’s Cyber Assurance of Physical Security Systems standard here in the UK.


Gallagher’s high security solution achieves UK cyber security standards

Security solutions manufacturer Gallagher is releasing its latest certified high security solution to market. The Gallagher UK CPNI CAPSS High Security System complies with the Cyber Assurance for Physical Security Systems (CAPSS) standard and the Centre for the Protection of National Infrastructure (CPNI) Readers and Tokens standards.

The news demonstrates Gallagher’s significant investment in delivering high security solutions for Governments operational in the Five Eyes alliance.

Passing the CAPSS evaluation provides the management teams at UK Critical National Infrastructure sites with confidence that Gallagher’s software and hardware meets the toughest cyber security requirements. The CPNI Readers and Tokens standards ensure physical access control readers and credentials are robust against both cyber and physical attacks.

“With cyber threats growing in sophistication, cyber protection has never been more vital,” explained Richard Huison, regional manager for the UK and Europe at Gallagher. “Cyber security is an integral part of Gallagher’s physical security solutions. We’re pleased with the result from our CAPSS evaluation. It demonstrates our overriding commitment to provide security solutions which offer the highest level of protection.”

The CPNI protects national security in the UK by helping to reduce vulnerability to terrorism and other threats in our national infrastructure. Gallagher’s range of compliant solutions can be found under the CPNI Catalogue of Security Equipment (cpni.gov.uk/cse-categories).

* Visit security.gallagher.com/UK-High-Security for additional information on Gallagher’s UK CPNI CAPSS High Security System


Evolution launches new Professional Services division

Integrated fire and security systems business Evolution has launched a new Professional Services division designed to provide a range of specialist IT security and software support services for new and existing clients, as well as third party integrators and installers.

The Professional Services division will support clients with server and operating systems upgrade planning and implementation and secure and resilient cyber network design and testing. It will also focus on advanced system programming and migration and maintenance services.

Headed by Evolution’s technical director Derrel Beasley, the Professional Services division will build on the company’s 25 years’ experience of providing clients with solutions that meet the needs of today and tomorrow, with the continual development of complex and integrated solutions and cyber secure systems that protect valuable private data and meet the necessary compliance regulations.

Beasley feels that Evolution’s IT and security knowledge and experience is recognised throughout the industry. “With modern integrated security and fire systems now fully immersed in ever-evolving and often cloud-based IT systems, the requirement for trusted and proven expertise in the design, delivery, management and support of these systems has become essential.”

He added: “I’m excited that we can now offer our IT security design, management and support expertise to all end users and other security integrators around the world with complete confidentiality.”

*Further information is available online at www.evolutionsecurity.com


Over half of UK businesses list security concerns as biggest barrier to public cloud adoption

No less than 58% of UK business decision-makers have admitted that security remains the biggest barrier to public cloud adoption in their organisations. That’s according to new research recently commissioned by Centrify, the provider of privileged access management solutions.

The research, conducted by independent polling agency Censuswide via a survey of 200 business decision-makers in large and medium-sized enterprises in the UK, also reveals that over one-third (35%) of those organisations who’ve adopted cloud are less than 80% confident that it’s completely secure.

When questioned about security weaknesses in their companies, 45% of decision-makers agree that it’s the increasing number of machine identities and service accounts, such as those used by servers and applications, that is becoming the largest exposure point for their organisation.

Interestingly, the study’s findings also reveal that more than one-in-four (28%) of those companies questioned during the survey have already been targeted by a cloud hacking attempt since the start of the COVID-19 pandemic in the early part of last year.

Most worryingly, despite continued requirements on enterprises for digital transformation and rapid innovation, almost one-third (31%) of business decision-makers admitted that their development teams are more interested in circumventing security rather than building it into the DevOps pipeline. This poses a potentially grim cyber security outlook for 2021.

Adapting to the pandemic

Kamel Heus, vice-president for the EMEA region at Centrify, commented: “Adapting to the COVID-19 pandemic has been a bumpy ride for many businesses and, in most cases, companies have necessarily had to adopt the public cloud in at least some capacity due to the level of scalability, availability and efficiency it provides for distributed workforces.”

Heus continued: “While the common misconception is that cloud security is quite different to that of on-premises infrastructure, it’s by no means less secure if common security protocols are followed, and security controls are applied.”

In conclusion, Heus observed: “One core challenge posed by digital transformation is accurately verifying human and machine identities before granting access to systems, applications and other high-value targets. Therefore, adopting cloud-ready privileged access management software is essential in protecting access to workloads in the public cloud by dint of granting access only when a requestor’s identity has been properly authenticated.”


“IP address key in countering brute force cyber attacks” asserts Verizon

Verizon’s 2020 Data Breach Investigations Report shows that 80% of the breaches caused by hacking involve brute force tactics or the use of lost or stolen credentials. Content Management Systems (CMS) are the usual targets of brute force attacks as over 39% of all websites run on WordPress, the most popular CMS of all.

Cyber criminals choose to attack pages built on CMS because they usually have the same admin page URL across websites and the default login credentials are identical, making these pages a vulnerable target. However, developers and admins can mitigate the risk by restricting which IP addresses can reach the admin site login page.

A brute force attack (sometimes referred to as brute force ‘cracking’) is a method of trying various possible passwords until the right one is found. Despite being old, the method is still widely used by hackers who attempt to gain access to a valid account. It allows bad actors to compromise the whole website and use it as a part of their network.

With more people now working remotely amid the ongoing Coronavirus pandemic, the number of brute force attacks against remote desktops via Windows’ Remote Desktop Protocol (RDP) has soared. Indeed, that number reached nigh on 100,000 attacks each day during last April and May.

In the worst-case scenario, criminals can steal important data, such as passwords, pass phrases, e-mail addresses or PINs. They also use compromised websites for various fraud schemes, whereas pages themselves can be included in Google’s ‘blacklist’ and, as such, become invisible in search results.

Failed authentications

“Developers and admins can indicate an ongoing brute force attack by looking at failed authentications,” explained Juta Gurinaviciute, CTO at NordVPN Teams. “If the same IP address unsuccessfully tries to login to various accounts or different IP addresses are attempting to access one account in a short period of time, this is a clear sign of a data breach attempt.”

As the IP address is one of the indicators of a cyber attack, it can also be a cure. On that basis, it’s wise for companies to reduce the ‘surface area’ available for attack and limit access to the login page. This can be done by making use of IP allowlist, blocklist and fixed IP techniques.

Previously known as whitelist, IP allowlist is a set of IP addresses that have access to a specific website. The developer can specify which IP addresses are allowed to reach an admin login page and perform actions there. It’s also possible to indicate a range of IP addresses that can obtain authorised access. The latter solution is useful within bigger organizations or if numerous people require access to the website. 

However, Internet Service Providers may be changing IP addresses frequently and, as a result, the allowlist might constantly become outdated. This solution only works, then, if there’s a pool of limited IP addresses in use or the changes take place within the specific range.

Intrusion prevention frameworks

Also known as blacklist, IP blocklist is the exact opposite of the previously mentioned IP address directory as it blocks access to websites from the specified IP addresses. As this is difficult to do on a manual basis, admins and developers may employ intrusion prevention frameworks such as Fail2Ban. The framework automatically blocks IP addresses after a few unsuccessful authorisation attempts.

On the other hand, website owners can block the particular IP addresses as well as the whole IP address range. If a company notices that suspicious attacks from specific IP addresses persist, the management team should consider adding them to the blocklist.

Further, IP blocklist can also be used for geo-blocking as the IP address carries the information about where the request was sent from in the first instance. 

The third solution for minimising unauthorised access is the fixed IP method. As already mentioned, developers can limit availability of the login page to a set of trusted IP addresses. With fixed IP, they reduce the risk of IP sharing when a number of devices use the same IP address. This often leads to the ‘bad neighbour effect’ as, due to the deeds of other users, IP addresses end up in various blocked or spam lists.

The fixed IP method can be offered by Internet Service Providers and VPN services alike, but the latter ensures browsing privacy as an additional benefit.
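The two failed-authentication patterns and the IP allowlist described above can be checked in a few lines. This is an added example, not code from the article or from any vendor it mentions; the log format, the five-minute window, the threshold of three and all addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample: "timestamp source_ip account outcome" (hypothetical format).
SAMPLE_LOG = """\
2021-01-11T09:00:01 203.0.113.7 admin FAIL
2021-01-11T09:00:09 203.0.113.7 editor FAIL
2021-01-11T09:00:20 203.0.113.7 alice FAIL
2021-01-11T09:00:41 203.0.113.7 bob FAIL
2021-01-11T09:10:00 198.51.100.1 root FAIL
2021-01-11T09:10:30 198.51.100.2 root FAIL
2021-01-11T09:11:05 198.51.100.3 root FAIL
2021-01-11T09:11:50 198.51.100.4 root FAIL
2021-01-11T09:20:00 192.0.2.50 carol FAIL
2021-01-11T09:20:15 192.0.2.50 carol FAIL
2021-01-11T09:20:40 192.0.2.50 carol OK
2021-01-11T09:00:00 192.0.2.60 dave FAIL
2021-01-11T11:00:00 192.0.2.60 erin FAIL
2021-01-11T13:00:00 192.0.2.60 frank FAIL
"""


def parse_failures(text):
    """Return (time, ip, account) for each failed attempt; skip malformed lines."""
    failures = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] != "FAIL":
            continue
        try:
            when = datetime.fromisoformat(parts[0])
            ip_address(parts[1])  # reject anything that is not a valid address
        except ValueError:
            continue
        failures.append((when, parts[1], parts[2]))
    return failures


def _max_distinct(pairs, window):
    """Largest number of distinct values seen inside any one time window."""
    pairs = sorted(pairs)
    best = 0
    for i, (start, _) in enumerate(pairs):
        best = max(best, len({v for t, v in pairs[i:] if t - start <= window}))
    return best


def detect(failures, window=timedelta(minutes=5), threshold=3):
    """Return (IPs failing against many accounts, accounts failed from many IPs)."""
    by_ip, by_account = defaultdict(list), defaultdict(list)
    for when, ip, account in failures:
        by_ip[ip].append((when, account))
        by_account[account].append((when, ip))
    one_ip_many_accounts = {
        ip for ip, p in by_ip.items() if _max_distinct(p, window) >= threshold
    }
    many_ips_one_account = {
        acct for acct, p in by_account.items() if _max_distinct(p, window) >= threshold
    }
    return one_ip_many_accounts, many_ips_one_account


def is_allowed(ip, allowlist):
    """Allowlist check for the admin login page; entries are single IPs or CIDR ranges."""
    addr = ip_address(ip)
    return any(addr in ip_network(entry) for entry in allowlist)


if __name__ == "__main__":
    suspect_ips, suspect_accounts = detect(parse_failures(SAMPLE_LOG))
    print("one IP, many accounts:", sorted(suspect_ips))
    print("many IPs, one account:", sorted(suspect_accounts))
    allowlist = ["192.0.2.0/24", "198.51.100.10"]  # constructed office range and fixed IP
    for candidate in ("192.0.2.50", "203.0.113.7"):
        print(candidate, "allowed" if is_allowed(candidate, allowlist) else "denied")
```

The address 192.0.2.60 fails against three accounts but hours apart, so it is not flagged; a user who mistypes a password twice before succeeding is likewise left alone.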


UK and US businesses call for improvement as employee education pinpointed to be biggest cyber security weakness during lockdown

Hardware-encrypted USB drives developer Apricorn has announced the findings from a Twitter poll designed to explore the data security and business preparedness aspects around remote working during the pandemic. More than 30% of respondents singled out employee education as being the biggest area where companies need to make changes to improve cyber security.

The poll ran across six days and targeted employees in both the UK and the US. In addition to concerns about employee education, respondents also flagged updates to hardware (29%), endpoint control (21%) and enforcing encryption (19%) as areas of weakness where organisations need to make changes to strengthen their cyber security posture.

Given that almost 30% of respondents admitted to using unencrypted devices during the pandemic this raises many concerns, and particularly so at a time when we’re seeing a dramatic increase in the volume of data being downloaded along with the potential for more data on the move.

Kurt Markley, director of sales at Apricorn, commented: “Employees have a critical role to play in cyber security processes, from recognising the tools required through to understanding and enacting the policies in place to protect sensitive data. Whether it be through the delivery of awareness programmes or ongoing training, establishing a culture of security within the workforce is now absolutely essential.”

Markley added: “Endpoint security is critical. Deploying removable storage devices with built-in hardware encryption, for example, will ensure that all data can be stored or moved around safely offline. Even if a given device is lost or stolen, the information contained will be unintelligible to anyone not authorised to access it.” 

Not fully prepared

In addition, more than 40% of respondents admitted that, as an individual, they were not fully prepared to work at home securely and productively. Almost a fifth (18%) said they lacked the right technology to do so, 16% were not sure how to and just over 20% stated that they were still not able to work remotely.  

“Many businesses will now have witnessed the positive productivity and financial impact of a remote workforce, but without the right tools, processes and security in place, this can very easily backfire,” continued Markley. 

With the poll results showing that more than 60% of respondents are planning to work remotely either all or some of the time following the pandemic, the threat to corporate data is only going to burgeon. Almost 20% admitted that the experience of working from home has duly highlighted major gaps in their employer’s cyber security strategy/policies.

When questioned as to whether their company had experienced a data breach as a result of remote working during the pandemic, over 20% replied in the affirmative, but a further 22% said they didn’t know if they had suffered a breach.

Scrambling to respond

Jon Fielding (managing director for the EMEA at Apricorn) commented: “IT and security teams had to scramble to respond to this crisis and, in doing so, left a lot of companies wide open to breaches. Nine months into employees working remotely, some already know that they’ve been attacked. Others think they may have been, but cannot be certain.”

Fielding concluded: “In the same way that we had to learn how to protect ourselves from illness and modify our behaviour, we also had to learn how to protect our data outside of the firewall and, more importantly, to remain vigilant about it.”

The Apricorn Twitter poll comprised six question and answer options and realised 23,537 responses.


Milestone XProtect VMS update “takes security to next level” with Microsoft encryption

Protecting sensitive data in surveillance systems is key to maintaining video authenticity, personal privacy and adequate cyber security measures. XProtect 2020 R3 from Milestone includes a level of encryption from Microsoft called Cryptography New Generation that adheres to “the highest levels of cyber security and data protection” available on the market today.

XProtect’s new encryption modules include stronger data protection, increased cyber security, evidence authenticity and password-protected configuration. Embedding this encryption also means that XProtect can now be configured to operate in a Federal Information Processing Standards (FIPS) 140-2 compliant mode. FIPS is a US Government computer security standard used in all software solutions deployed in US federal agencies and regulated industries such as healthcare and finance.

Security system operators are the eyes and ears of their organisation. When an incident occurs, they’re expected to provide video evidence immediately. This can sometimes be a challenging task, especially so for installations with thousands of cameras recording 24/7.

XProtect 2020 R3 offers a new multi-category search function that makes finding the specific video evidence easier and faster than ever. Multi-category search allows the operator to combine and search across multiple categories such as people, vehicles and location as well as any search agents developed and integrated into XProtect by third party technology partners.

By way of example, operators can narrow their investigation to only contain video sequences that include blue vehicles and males and exclude those that only meet one of them.

Expanded support for 360-degree cameras

XProtect 2020 R3 also offers expanded support for any 360-degree camera that delivers a complete fish-eye view. Most customers will experience significant installation and camera cost reductions and increased situational awareness when deploying these camera types compared to standard surveillance cameras.

The 2020 R3 release contains many more new and improved features and capabilities such as improved video rendering performance in the XProtect Smart Client, adaptive streaming for XProtect Mobile and direct streaming improvements in XProtect Web Client. On the cameras and devices side, XProtect 2020 R3 includes improvements such as increased security without compromising ease-of-use, more freedom to build installations that suit customers’ needs and new Device Packs.
