
2014/05/29

| 05.29.14 | Spread of APTs fuels enterprise spending on threat intelligence


Editor's Corner:
Critical infrastructure: All together now

What's New:
1. Spread of APTs fuels enterprise spending on threat intelligence
2. Microsoft warns against workaround enabling XP users to get security updates
3. Security firm AVAST, music streaming service Spotify report data breaches
4. Gartner: Most mobile security breaches will be caused by misconfigured apps by 2017
5. 28 DDoS attacks occur every hour, report finds

Spotlight:
Free encryption service TrueCrypt apparently shuts down

Also Noted:
Microsoft's personalized patch dashboard; OpenSSL gets security update; Much more...

News From The Fierce Network:
1. China Mobile could be looking to buy US carrier
2. Beyond Verbal's emotion-recognition tech could change customer service
3. Samsung outlines vision for wearables open platform

FierceITSecurity

May 29, 2014


This week's sponsor is HP.

 

Ponemon
According to the Ponemon Institute's 2013 Cost of Cyber Crime study, the average cost to businesses of cyber crime is more than $7M per year—a 30% increase over last year. And the average number of attacks per company grew 20% to 73 successful attacks annually. With the incidence and cost of cyber crime rising sharply, this study of 234 companies in six countries details the types of cyber attacks found to be most common and the losses resulting from each type of attack. Read it to learn more.


Editor's Corner

Critical infrastructure: All together now

By Derek C. Slater
Vertical industries are clubby. They tend to band together and create industry bodies and associations. NERC, FERC, TIA and so on. This is good and natural and, in the context of security, creates some basis for sharing threat intelligence and effective practices.
 
But the real magic word in critical infrastructure security today is this: Interdependency.
 
Yes, dependencies are rife within individual sectors. The power grid is an amalgam of interlocked systems and companies. Those companies have their wires crossed in the most literal sense.
 
But if the power grid goes down, it's not just a power company problem. With no power, communications take a hit. And with delayed or unreliable communications, effects cascade to other industries. And so on.
 
So these sectors should be aware of each other's relative strengths and weaknesses. 
 
The financial sector is widely regarded as taking the lead in implementing digital security measures, which makes sense, as they've been hacker targets longer than, say, electric utilities. But as veteran security journalist George V. Hulme reports in the Fierce eBook Critical Infrastructure and Cybersecurity, financial institutions aren't above making costly errors or oversights. 
 
And after what's known as "the lost decade" among SCADA security experts, Stuxnet was likely the watershed discovery that awakened slowpokes to the fact that Industrial Control Systems, or ICS, are now targets much like banks, if not always for the same reasons.
 
Now the threat is more widely recognized, but defenders must sort out hype from reality, creating effective, protective strategies across these ever-more-interconnected systems in process control manufacturing, public and private utilities, telcos, financial trading systems and more. 
 
In this free, registration-required PDF, Hulme canvasses CISOs and critical infrastructure experts to help guide the way. - Derek (@derekcslater)
 


This week's sponsor is CA Technologies.

Webinar: Rethinking Enterprise Mobility Management – Beyond BYOD
Thursday, May 29th, 12pm ET / 9am PT

Our panel of experts will help you understand how to develop effective strategies that accelerate mobility transformation and prepare your organization for the mobile future. Register Today!

What's New

1. Spread of APTs fuels enterprise spending on threat intelligence

By Fred Donovan

With the U.S. Department of Justice indicting Chinese military officials for industrial espionage, the advanced persistent threat, a method favored by state-sponsored attackers, is top of mind for IT security pros.

To counter APTs, enterprises are turning to threat intelligence security services (TISS), fueling spending on these services.

Market research firm IDC is forecasting that TISS spending will top $900 million this year and climb to $1.4 billion in 2018. IDC includes in the TISS market data feeds and publications, consulting security services, managed security services, as well as iterative intelligence that incorporates past experience and mistakes into new knowledge at a rapid pace.

"Attack information can come from many different sources, and iterative intelligence organizes this chaotic process of information sharing in order to help organizations in making future decisions," says Christina Richmond, program director of security services at IDC.

The market research firm expects professional and managed security services to experience strong growth in the threat intelligence market. Security firms are creating alliances with universities and accreditation programs to develop IT security pros, says IDC.

In response to the U.S. legal action against China, the Chinese government is cutting ties with U.S. consulting firms, including McKinsey, Boston Consulting Group and Strategy& (formerly known as Booz & Co), the Financial Times reports, citing senior Chinese leaders.

In addition, China has banned Microsoft's Windows 8 operating system because of security concerns. "Windows is far too embedded in the Chinese economy for it to be banned completely, but certainly we should expect to see sensitive offices and systems reduce if not eliminate their use of it," Bill Bishop, an independent consultant based in Beijing, tells the newspaper.

For more:
- see the DoJ's Chinese indictment
- check out IDC's release
- read the FT report (sub. req.)

Related Articles:
5 Chinese military hackers indicted for spying on US companies (UPDATED)
Spotlight: US panel calls for action against China for industrial cyberespionage
France, Germany in talks to set up NSA-free European Internet



This week's sponsor is HP.

 

ITMJ
When it comes to enterprise security, Big Data is part of the problem, and it is part of the solution. Collecting vast amounts of data from disparate sources, including the cloud, exposes the enterprise to new threats and creates vast new stores of data you must protect. But you can apply Big Data techniques for finding insight in mountains of data to find security threats as well. Read this paper to learn 10 best practices to secure Big Data and to view four additional white papers that show how to make Big Data Security Analytics part of your security solution.


2. Microsoft warns against workaround enabling XP users to get security updates

By Fred Donovan

Microsoft is warning Windows XP users not to employ a "simple registry tweak" offered by Betanews as a way for users to continue to get security updates.

"The workaround makes use of updates for Windows Embedded Industry (formerly known as Windows Embedded POSReady). This is based on Windows XP Service Pack 3, and the security updates which are being released for it are essentially the same ones Microsoft would have pushed out for XP, if it was still doing so," explains Wayne Williams with Betanews.

"You can't simply install the updates--that would be too easy--and you'll receive a version mismatch error if you try. But a simple registry tweak is enough to fix that," Williams adds.

Microsoft warned in a statement quoted by ComputerWeekly: "The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers. Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP."

Andrew Avanessian, vice president of global professional services at Avecto, tells ComputerWeekly: "Microsoft will not be testing the patches on the full version of XP and so these updates could lead to downtime and have a negative effect on user experience. Another consideration is system bloat. XP machines will tend to be running on older hardware, which is most likely at the end of its life, and as a number of the updates will not be needed it could result in increased disk footprint."

For more:
- check out the Betanews article
- read the ComputerWeekly report

Related Articles:
Hackers scour Windows 7 patches for clues to XP flaws
As Windows XP support deadline approaches, security concerns mount
Spotlight: Firms continue to resist upgrade from Windows XP



3. Security firm AVAST, music streaming service Spotify report data breaches

By Fred Donovan

Security firm AVAST and music streaming service Spotify both admitted to data breaches this week, reports Ars Technica.

Czech security firm AVAST said that attackers were able to get access to passwords, usernames and email addresses for around 400,000 customers who used its support forum, which is run on a third-party platform.

"We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure," AVAST CEO Vince Steckler wrote in a blog on Monday.

Spotify said on Tuesday that hackers had gained unauthorized access to its network and internal data. According to Spotify's investigation, only one customer's data was accessed. The information did not include password or financial information.

"Based on our findings, we are not aware of any increased risk to users as a result of this incident," wrote Spotify CTO Oskar Stal. The company is still asking users to re-enter their usernames and passwords to log in.

In addition, Spotify is asking its Android app users to upgrade over the next few days, but not its iOS and Windows app users. Apparently, the breach involved an Android app, but the blog and emails do not say if there is any connection between the upgrade and the breach.

"We have taken steps to strengthen our security systems in general and help protect you and your data--and we will continue to do so. We will be taking further actions in the coming days to increase security for our users," Stal concluded.

For more:
- read the Ars Technica article
- check out the AVAST and Spotify blogs

Related Articles:
E-commerce, not POS, make up majority of breached systems
Third-party vendor behind possible Lowe's data breach
'Massive' breach hits eBay passwords



4. Gartner: Most mobile security breaches will be caused by misconfigured apps by 2017

By Fred Donovan

As the focus of endpoint breaches shifts from PCs and laptops to tablets and smartphones, three-quarters of mobile security breaches will be the result of a misconfigured mobile app by 2017, predicts Gartner.

"Mobile security breaches are--and will continue to be--the result of misconfiguration and misuse on an app level, rather than the outcome of deeply technical attacks on mobile devices," says Dionisio Zumerle, principal research analyst at Gartner.

"A classic example of misconfiguration is the misuse of personal cloud services through apps residing on smartphones and tablets. When used to convey enterprise data, these apps lead to data leaks that the organization remains unaware of for the majority of devices," the Gartner analyst notes.

In addition, jailbreaking opens devices up to malware, which can then steal data from the device and even find its way onto corporate networks. Those devices are also vulnerable to brute force attacks on passcodes.

"The most obvious platform compromises of this nature are 'jailbreaking' on iOS or 'rooting' on Android devices. They escalate the user's privileges on the device, effectively turning a user into an administrator," says Zumerle.

Gartner recommends that enterprises deploy a mobile device management system supplemented by app shielding and containerization. In addition, firms should use a network access control product to prevent suspicious devices from connecting to the corporate network.

For more:
- see Gartner's release

Related Articles:
Mobile device security market forecast to triple by 2018
Spotlight: NIST offers free mobile app vetting tool
Spotlight: New Android bug could 'brick' devices



5. 28 DDoS attacks occur every hour, report finds

By Fred Donovan

On average, 28 distributed denial of service attacks occur every hour, according to a new report by NSFOCUS Information Technology, a DDoS detection and mitigation firm.

While still a favorite attack method for hacktivists, DDoS attacks are increasingly being used as "smokescreens" to carry out advanced persistent threat attacks and cybercrime, according to the report (based on a review by NSFOCUS of 244,703 DDoS incidents in 2013).

The NSFOCUS report summarizes the findings: "The majority of DDoS attacks were short in duration, small in total attack size, and frequently repeating against the same target."

In fact, 91 percent of DDoS attacks last year lasted less than 30 minutes and most were 50 MBPS or less. Close to two-thirds of targets of DDoS attacks were attacked more than once, and one victim was attacked 319 separate times within a six-month period.

The longest single DDoS attack last year lasted 1,666 hours, or 69 days and 10 hours.

The report finds that attackers are leveraging the Network Time Protocol (NTP) to amplify the power of DDoS attacks, which could far exceed the bandwidth levels seen so far.

"The NSFOCUS Threat Response Center identified over 400,000 NTP servers around the world that can be used in NTP amplification attacks. Among these NTP amplifiers, more than 1,000 can magnify the traffic by more than 700 times," the report notes.

For more:
- check out the NSFOCUS report (reg. req.)

Related Articles:
IT downtime from attack or infrastructure failure can cost firms more than $1M per hour
Spotlight: Average enterprise sustains 4.5 large DDoS attacks every year
DDoS attacks fuel rise in cloud-based DDoS mitigation services



Also Noted

This week's sponsor is Mashery.

Delight & Engage Customers with Mobile APIs

Read this success story and learn how a robust API and secure API Management powered Keep's iOS app to become one of the most popular apps in the Lifestyle category in the iTunes App Store. Read now!


TODAY'S SPOTLIGHT... Free encryption service TrueCrypt apparently shuts down

Free encryption service TrueCrypt has apparently shut down due to "unfixed security issues," open source developer SourceForge says on its website. "The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms (click here for more information). You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform," the SourceForge notice says. While some wonder if the message is actually genuine, researcher Brian Krebs believes it is.

>> Microsoft debuts personalized patch dashboard for IT pros (Computerworld)
>> OpenSSL to get a security audit and two full-time developers (Ars Technica)
>> Spam campaign plays on user fear over Heartbleed (eWeek)
>> CryptoDefense ransomware infects via Java drive-by exploit (Graham Cluley)
>> Shocking number of UK professionals ignore data safety policies (Infosecurity Magazine)

And Finally… Google has the need for speed (Mashable)

Events

> Gartner Security & Risk Management Summit 2014 - June 23-26, 2014 - National Harbor, MD

Discover five programs covering IT security, risk and compliance, BCM, the CISO and the marketplace for security, so you can validate your strategy against the full spectrum of security and risk initiatives. Save $300 with code GARTFSI. To register, visit gartner.com/us/securityrisk.

Marketplace

> Whitepaper: Finding ROI in Document Collaboration

Read this Accusoft whitepaper to learn about the factors that make document collaboration more difficult than it should be, and about how to create a collaboration strategy that makes sense for your organization. Download Now!

> Whitepaper: Delight & Engage Customers with Mobile APIs

Read this success story and learn how a robust API and secure API Management powered Keep’s iOS app to become one of the most popular apps in the Lifestyle category in the iTunes App Store.

> Whitepaper: 802.11ac in the Enterprise: Technologies and Strategies

Download the White Paper "802.11ac in the Enterprise: Technologies and Strategies" to learn from industry expert Craig Mathias about the technologies behind 802.11ac, deployment misconceptions and review steps that every organization should take in getting ready for 802.11ac.
Download today!

> Whitepaper: Defense Against the Dark Arts: Finding and Stopping Advanced Threats

Today's most-damaging targeted attacks don't occur by happenstance. They are carefully planned and executed by a new breed of professional adversaries. Read this white paper, Defense Against the Dark Arts: Finding and Stopping Advanced Threats to gain a practical understanding of today's Advanced Threat Landscape and strategies for detecting and stopping Advanced Threats. Download today!

> Whitepaper: Longline Phishing: A new Class of Advanced Phishing Attacks

The last few years have seen a dramatic increase in the use of email as a vehicle for cyberattacks on organizations and large corporations. Recently, Proofpoint researchers identified a new class of sophisticated and effective, large-scale phishing attack dubbed "longline" phishing attacks. Download this whitepaper to learn about the unique characteristics of these attacks, how they are carried out, and the alarming effectiveness they have. Download today!

> eBook: eBrief | Best Practices in Mobile Application and Management Delivery

Your organization knows that mobile productivity is important, and it may have already started down the road toward Mobile Device Management (MDM) and Mobile Application Management (MAM). But have you developed a holistic view of application management and delivery -- and its impact on the business? Download this free eBrief to learn about best practices for your mobile deployment.

> Whitepaper: APIs Drive Opportunity Explosion

Argos took bold, transformative measures to respond to market disruption from competitors selling online in addition to the move by grocers into non-food product ranges. Learn how APIs paired with a secure API Management solution can enable a digital transformation by delivering content and purchasing capabilities to customers anywhere at any time. Download Today!

> Whitepaper: Supporting VDIs and Thin Clients

Companies have already begun deploying VDIs and thin clients (like Google's Chromebook) on a massive scale. The low-cost, easily deployed workstations present a significant cost savings for companies, but require unique tools to support them. This whitepaper, written by Proxy Networks, outlines the best way to do that. Download now.

> Whitepaper: Four Ways to Improve IT Efficiency

The role of the help desk within businesses has expanded considerably over the last decade, becoming an integral piece of the overall corporate strategy. In this whitepaper, Proxy Networks outlines the best way to align your IT department with that strategy in order to improve overall departmental efficiency. Download now.


©2014 FierceMarkets, a division of Questex Media Group LLC. The FierceITSecurity email list is administered by FierceMarkets, 1900 L Street NW, Suite 400, Washington, DC 20036, (202) 628-8778.

Editor: Fred Donovan. VP sales and business development: Jack Fordi. Publisher: Ron Lichtinger.
