IBM Call for Code starter kits focus on coronavirus


Sarah Brennan

31 Mar, 2020

IBM has officially deployed an accelerated timeline for its coronavirus Call for Code and published three coronavirus-related Call for Code starter kits.

Each starter kit includes a comprehensive guide to help developers create apps to alleviate the problems people and communities are facing during the COVID-19 pandemic.

“We have learned how passionate developers are about solving the world’s most pressing issues, and how Call for Code’s infrastructure gives developers, data scientists, students, and subject matter experts the infrastructure they need to move from ideation through implementation,” said Daniel Krook, CTO of Call for Code. “Publishing developer-friendly starter kits has been key to help get developers up-and-running fast.”

Introducing three coronavirus starter kits


Crisis communication: Coronavirus has prompted many people to seek answers about symptoms, testing sites and the status of their communities. This starter kit comes equipped with a preloaded virtual assistant that understands and responds to common COVID-19 questions and scans COVID-19 news articles using Watson Discovery.

Remote education: While we may be in the midst of a pandemic, the edification of our youth must continue. Many schools and universities nationwide have shifted to online instruction to ensure the safety of themselves and their students. The remote education kit provides a set of IBM Cloud- and Watson Services-backed open-source tools related to remote education.

Community cooperation: We may be practising social distancing, but there is a growing interest in enabling cooperation among communities. More than ever, neighbours are offering to combine grocery runs and assist those around them. This kit enables the rapid deployment of applications that empower communities to continue working together.

IBM is continuing to develop a wide ecosystem of partners and tech providers in hopes of helping participants round out their solutions. Some of these partners include Altran and Bank of China.

Tarush Verma, client leader and AVP at Altran, said: “Altran will help fight this pandemic by creating innovative solutions for the Call for Code Global Challenge including chatbots and other applications based on the new COVID-19 developer starter kits.”

IBM reported it’s received upward of 1,000 registrations in a single day. Many of those applicants were individuals on the front lines, at-risk individuals and experienced coders who want to share their experiences and contribute to creating meaningful solutions. 

The initial submission deadline for this year’s Call for Code is now April 27. IBM will announce the three best solutions on May 5. Those teams will then work alongside IBM to have their solutions released into the “real world.”

To participate in this year’s Call for Code, visit the Call for Code site here

AWS launches Amazon Detective for investigating security incidents

1 Apr, 2020

AWS has announced the general availability of Amazon Detective, the company’s automated security service. 

Amazon Detective works with machine learning and statistical analysis to build visualised maps of security threats in a customer’s cloud. Rather than a security team compiling all the relevant data to analyse and conduct a lengthy investigation, it automatically pulls data from services like CloudTrail and customer logs. 

The information is then run through AWS GuardDuty which compiles a graph that details all interactions across the customer’s infrastructure. Everything is run from the Amazon Management Console and, according to AWS, in just a few clicks your IT team can have a detailed report of the problem and where it has come from. 

The graph model is also continuously updated as new data becomes available from the customer’s AWS resources, allowing security teams to spend less time looking through constantly changing data sources and freeing them up to work on remediation. 

The service is being offered with no upfront fees but customers will pay if they need to upload data from AWS CloudTrail and other AWS services they use. 

“Even when customers tell us their security teams have the tools and information to confidently detect and remediate issues, they often say they need help when it comes to understanding what caused the issues in the first place,” said Dan Plastina, VP for security services at AWS. 

“Gathering the information necessary to conduct effective security investigations has traditionally been a burdensome process, which can put crucial in-depth analysis out of reach for smaller organisations and strain resources for larger teams. Amazon Detective takes all of that extra work off of the customer’s plate, allowing them to focus on finding the root cause of an issue and ensuring it doesn’t happen again.”

The service is available from today in Europe, the US, South America and parts of Asia, with more regions coming soon, the company confirmed. 

Marriott reported another data breach: Why cyber risk assessment is important

Marriott International — the multinational hospitality company behind the third-largest hotel brand in the world — reported a major data breach on March 31 2020, marking its second major data breach in the last two years. This data breach is expected to leak the information of 5.2 million guests worldwide.

“Marriott said Tuesday approximately 5.2 million guests worldwide may have been affected. The information taken may have included names, addresses, phone numbers, birthdays, loyalty information for linked companies like airlines and room preferences. Marriott said it’s still investigating but it doesn’t believe credit card information, passport numbers or driver’s license information was accessed,” reported ABC News. At the end of February, Marriott found that a massive amount of guest information was being accessed using two of its employees’ user credentials.

After an initial investigation, Marriott believed that the data breach probably started in mid-January. It blocked those login credentials, and it is now assessing the situation and assisting the relevant authorities in investigating the data breach. Though Marriott is doing everything to fix the problem now, it is not good news that it has suffered two major data breaches in less than two years.

In November 2018, Marriott reported the first major data breach, which leaked the personal information of 383 million people. So, the combined amount of data leaked in these two data breaches totals 388.2 million. Moreover, after the last major data breach, it was expected that Marriott would harden its cybersecurity infrastructure, train its security teams, and upgrade its systems. However, the latest data breach raises questions about its efforts to fight threats.

This brings us to the question: how does an organisation check and validate its security infrastructure? The answer: cybersecurity risk assessment.

Let’s learn more about it and how it helps organisations to test their security postures.

Cybersecurity risk assessment is the risk assessment of cyber or digital threats. It has become increasingly important since every organisation — nowadays — implements and relies on information technology and systems for running its business. Since it heavily relies on these digital systems, a small breach, hack, or malfunction may pose high risks.

Just as risk assessments are necessary for every organisation to get informed about and prepare for unexpected issues or risks, such as industrial malfunctions, manufacturing defects and deaths, cybersecurity risk assessments are critical for understanding and preparing for unexpected cyber threats. These threats include, but are not limited to, data breaches and insider or online attacks.

“Risk assessments are used to identify, estimate, and prioritise risk to organisational operations (such as mission, functions, image, and reputation), organisational assets, individuals, other organisations, and the Nation, resulting from the operation and use of information systems. The purpose of risk assessments is to inform decision makers and support risk responses by identifying: (i) relevant threats to organisations or threats directed through organisations against other organisations; (ii) vulnerabilities both internal and external to organisations;(iii) impact (i.e., harm) to organisations that may occur given the potential for threats exploiting vulnerabilities; and (iv) likelihood that harm will occur,” according to NIST’s Guide for Conducting Risk Assessments.

Similarly, cyber risk assessment is the term for the process of assessing the cyber or digital risks facing your business or organisation. Its primary goal is to help board members and decision-makers understand the organisation’s cybersecurity infrastructure and install and support the best risk mitigation processes for fighting off, or at least decreasing the cyber risks of, both online and offline threats.

There are numerous examples and reasons that prove the importance of cyber risk assessments. The data breaches reported by Marriott International are great examples; if Marriott’s security infrastructure was attack-proof, it might not have suffered the data breach — at least the second one. Every customer (guest) making a reservation at Marriott after the first breach in November 2018 must have believed in its promise of hardening its security infrastructure. However, it failed — super hard — at keeping its promise. Though the investigation is still in progress for the second breach, Marriott had — probably — a gap in their security posture that led to the data breach. What could have been done?

Even if the two employees — whose login credentials were used for the second data breach — were involved in the breach, its security systems should have detected and reported massive data requests coming from systems at a single location or origin. And if detected and reported, its security teams should have checked the issue and identified the data breach earlier — ideally. However, it is evident that they did not detect or find the massive breach until recently.
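The detection described above, as an added example that is not part of the original article or any Marriott system: it totals guest records returned per credential and origin, flags totals far above the peer baseline, and groups flagged credentials that share an origin. The log format, field names, thresholds and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample records (not real data): (credential, origin, guest_records_returned)
SAMPLE_LOG = [
    ("frontdesk01", "10.1.4.20", 12),
    ("frontdesk01", "10.1.4.20", 9),
    ("frontdesk02", "10.1.4.21", 15),
    ("frontdesk02", "10.1.4.21", 7),
    ("reserv03", "10.2.0.8", 30),
    ("reserv04", "10.2.0.9", 22),
    ("loyalty05", "10.3.1.5", 18),
    ("emp_a", "10.9.9.40", 48000),
    ("emp_a", "10.9.9.40", 51000),
    ("emp_b", "10.9.9.40", 75000),
]

def records_per_origin(log):
    """Total guest records returned for each (credential, origin) pair."""
    totals = defaultdict(int)
    for credential, origin, count in log:
        totals[(credential, origin)] += count
    return dict(totals)

def flag_bulk_access(log, k=10.0, floor=100):
    """Flag pairs whose total exceeds median + k * MAD of all pairs.

    Median and MAD are used instead of mean and standard deviation so that
    the bulk readers themselves cannot drag the baseline upward. `floor`
    (an assumed tuning value) suppresses alerts on tiny absolute volumes.
    """
    totals = records_per_origin(log)
    if not totals:
        return []
    values = list(totals.values())
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1.0
    threshold = max(floor, med + k * mad)
    flagged = [(c, o, n) for (c, o), n in totals.items() if n > threshold]
    return sorted(flagged, key=lambda row: row[2], reverse=True)

def shared_origins(flagged):
    """Origins from which more than one flagged credential pulled data."""
    by_origin = defaultdict(set)
    for credential, origin, _ in flagged:
        by_origin[origin].add(credential)
    return {o: sorted(c) for o, c in by_origin.items() if len(c) > 1}

if __name__ == "__main__":
    alerts = flag_bulk_access(SAMPLE_LOG)
    for credential, origin, total in alerts:
        print(f"ALERT {credential} from {origin}: {total} guest records")
    print("shared origins:", shared_origins(alerts))
```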

That said, every organisation must perform cybersecurity risk assessments on a regular basis. Doing so helps the organisation identify its security weaknesses, inform the security teams as well as decision-makers, and harden or install the necessary cybersecurity processes and products to improve the overall security. Moreover, it reduces the long-term costs, provides awareness of the installed processes and systems, helps avoid data breaches and security incidents, and helps meet the legal and regulatory cybersecurity requirements. These, in turn, help strengthen your brand and avoid unnecessary costs or risks. It also builds trust in your organisation among present and future customers.

Picture credit: "Marriott Hotel", by José Carlos Cortizo Pérez, used under CC BY 2.0

AWS makes Amazon Detective generally available for greater security awareness

Amazon Web Services (AWS) has announced the general availability of Amazon Detective, a new offering which aims to help customers remediate security issues across their AWS workloads more easily.

Amazon Detective, which was launched in preview at re:Invent last year, automatically collects log data from a customer's resources and uses machine learning and statistical analysis to build interactive visualisations which customers can use to deduce security anomalies.

Sebastien Stormacq, Amazon senior developer advocate, noted in a blog post how customer demands had changed from five years ago, when AWS released a solution which automatically analysed AWS CloudTrail data to generate alerts around sensitive API usage.

"Today, when a security issue is detected, such as compromised credentials or unauthorised access to a resource, security analysts cross-analyse several data logs to understand the root cause of the issue and its impact on the environment," wrote Stormacq. "In-depth analysis often requires scripting and ETL to connect the dots between data generated by multiple siloed systems.

"To further complicate matters, new AWS accounts, and new applications are constantly introduced, forcing analysts to constantly reestablish baselines of normal behaviour, and to understand new patterns of activities every time they evaluate a new security issue," added Stormacq.

Among the customers rolling out with Detective are T-Systems and Warner Media, with the product available in 14 AWS regions upon launch. There are no additional charges or upfront commitments to customers, the company added.

This can be seen as another step in the largest cloud vendors giving customers a helping hand around the ever-thorny issue of security. Yet the element of give-and-take has to remain. Take the launch of Amazon S3 Block Public Access in late 2018, which enabled extra controls to ensure S3 buckets did not become misconfigured. The year before, the company updated its dashboard so public buckets were signified with bright orange indicators. As cloud workloads become more complex, security needs to adapt with it – which is what AWS is aiming for here.

You can read the full blog post here.

Photo by Agence Olloweb on Unsplash


Zoom admits meetings don’t use end-to-end encryption


Bobby Hellard

1 Apr, 2020

Video conferencing app Zoom does not use end-to-end encryption, according to reports, despite specifically stating that it does on its website.

Though Zoom offers users the option to “enable an end-to-end (E2E) encrypted meeting,” and provides a green padlock that claims “Zoom is using an end to end encrypted connection,” the company this week admitted that it offers no such thing.

A spokesperson for the company told The Intercept that, despite its claims, it was “currently not possible” to enable end-to-end encryption for its video meetings.

Instead, the spokesperson revealed, the service uses Transport Layer Security (TLS), which encrypts data between users’ meetings and Zoom’s servers. End-to-end encryption refers to data encrypted between the callers themselves, blocking out third parties, including the service provider. As a result, the company can see and use the data for things like targeted ads.

“When we use the phrase ‘End to End’ in our other literature, it is in reference to the connection being encrypted from Zoom end point to Zoom end point,” the spokesperson added.

Like a number of video conferencing services, Zoom is currently benefiting from the coronavirus lockdown. Its usage in the US is reportedly three times as much as Microsoft Teams, which is fairly impressive for an app that was almost unheard of this time last year. 

Given the rapid rise of Zoom, Microsoft recently singled out the service in a partner video, suggesting that it’s a threat to its business model as it can be used in tandem with rivals like Slack and Google’s G Suite, unlike Teams.

Part of Zoom’s appeal to organisations is its simplicity and the fact it can be used for free, albeit without any premium features, which lets businesses try it out before forking out any money.
 
“Video conferencing is a fantastic necessity in times like these but it is vitally important to understand the security and privacy concerns that go in parallel with this increasingly popular form of communication,” said Jake Moore, a cyber security specialist for ESET.
 
“For social and light business meetings they are fine as long as users realise what data is being shared by Zoom to third parties. I certainly wouldn’t recommend using free software for sensitive or private meetings.”

On Tuesday, Boris Johnson tweeted a picture of his cabinet’s “first digital meeting” and, comically, left the ID number visible. This security blunder will not have gone down well with the Ministry of Defence, which has reportedly banned Zoom due to security concerns.

Zoom told The Intercept that it only collects user data to improve the service and that it never allows its employees to access specific content in meetings and doesn’t sell any kind of user data. However, the company did confirm that it could hand over data from meetings if it was compelled to for legal proceedings.