Tag Archives: Dell SonicWALL

Customers Validate the Advanced Protection Provided by SonicWALL Capture, Now Available With the Release of SonicOS 6.2.6

SonicOS 6.2.6 Advanced Protection Now Available

Kuala Lumpur, 1 August 2016 – SonicWALL customers observed dramatic increases in their network security during the technical preview of SonicWALL Capture Advanced Threat Protection Service.

 

Dell SonicOS 6.2.6

With the announcement of the general availability of SonicOS 6.2.6 firmware, SonicWALL Capture is the industry’s first multi-engine sandbox that enables customers to block suspicious files until a verdict is reached. Additionally, SonicOS 6.2.6 features an enhanced Content Filtering Service that gives organisations the power to easily enforce protection and productivity policies to control access to inappropriate or unproductive web content.

Available for use with SonicWALL TZ, NSA and SuperMassive 9000 series firewalls, SonicOS 6.2.6 with SonicWALL Capture protects customers from today’s most advanced threats, including zero-day attacks.

Malicious code authors have developed techniques allowing malware to detect the presence of existing sandboxes and use this information to evade detection. To combat these techniques, SonicWALL Capture utilises three technically different cloud-based threat analysis sandboxing engines, making evasion almost impossible. Capture also has the ability to accept the broadest range of file sizes and types and can be configured to block suspicious files from entering the system until a verdict is reached.

Angel Torres, CIO of Credit Services, Inc. reports, “The new SonicWALL Capture service is another key addition to the suite of security tools that help us battle the new challenges that we face on a daily basis. By providing this new service, it feels like we have a partner working with us in the fight to keep our system secured. By preventing malicious files from entering our system, it helps keep our clients and our company more secure from new threats as they emerge.”

“We did some evaluations of other sandbox solutions, but SonicWALL Capture was the easiest to implement and most cost-effective to license and manage. Because it’s offered as an upgrade to our firewall and only requires a firmware update, testing and eventual deployment into a production environment was really easy. We are looking at utilising this at our other sites as we focus on multiple, layered approaches to security,” stated Zachary A. Radke of Santa Fe Senior Living.

 

SonicWALL Content Filtering Service 4.0

The new SonicWALL Content Filtering Service 4.0 available in SonicOS 6.2.6 enables IT to enforce protection and productivity policies and block inappropriate, unproductive and illegal web content from the network. Key new features in this version include:

Block-page override, Bandwidth Management and Confirm actions ‒ In addition to the current allow and block methods, CFS 4.0 also offers block-page override (passphrase), bandwidth management, and confirm actions, giving administrators additional controls to individual domain categories. These five methods are configurable at the policy level (versus a global setting). This can enable educational institutions, for example, to personalise the teaching experience for specific schools, classrooms or groups of users behind a firewall, empowering teachers and IT administrators to facilitate a better and more productive learning experience.

YouTube Restricted mode ‒ Similar to parental controls, YouTube Restricted mode helps inhibit the search for, or access to, inappropriate videos based on YouTube’s proprietary technology.

“The SonicWALL CFS version 4.0 has given us more power over the filtering system by allowing us to control the priority of the policies,” said George Morris, IT Administrator at Peru Community Schools. “This lets us set multiple allow or deny rules and have users with multiple policies, and still maintain complete accuracy of the outcome. We view these enhancements as proof that the best just got even better.”

 

SonicOS 6.2.6 Availability

SonicWALL SonicOS 6.2.6 will be generally available August 1. SonicWALL Capture ATP Service will be available for SonicWALL SuperMassive 9000 series, NSA firewalls and select TZ firewall models August 1. Current customers should contact their account representatives.

 

Support Tech ARP!

If you like our work, you can help support it by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Dell SonicWALL SMA 100 Series OS 8.5 Announced

Kuala Lumpur, 28 June 2016 – Dell Security has announced the release of Dell SonicWALL Secure Mobile Access (SMA) 100 Series OS 8.5, which provides mobile and remote workers at small- and medium-sized businesses with policy-enforced SSL VPN access to mission-critical applications, data and resources without compromising security.

This newest version of the Dell SonicWALL SMA 100 Series OS affords enhanced security to customers by allowing administrators to quickly and easily provision secure mobile access and role-based privileges so workers using smart phones, tablets or laptops (managed or unmanaged) get fast, simple and secure access. At the same time, the solution enables organizations to institute BYOD security policies to protect their corporate networks and data from rogue access and malware.

The proliferation of devices in the workplace, both employer-issued and personally owned, has increased the demand for secure mobile access to company applications, data and resources. Often, employees use the same device for both business and personal use, resulting in the intermingling of business and personal data and applications. This places organizations at increased risk for security breaches such as:

  • Unauthorized access to networks and systems from lost or stolen devices
  • Malware and ransomware spread through infected devices that serve as conduits
  • Interception of organization data in-flight on unsecured public Wi-Fi networks

Securing mobile devices is becoming increasingly difficult as companies often no longer influence device selection or control device management. To protect from threats and still enable access for remote and mobile workers, an organization must ensure that only authorized users and approved devices meeting security policy requirements are granted network and resource access, and company data on the device is secure.

 

Dell SonicWALL Secure Mobile Access (SMA) 100 Series OS 8.5 benefits both IT and business users

The new enhancements to the Dell SonicWALL SMA 100 Series OS provide greater control and ease-of-use for companies in setting policy controls, allowing users to access the data they need from the devices they use and without skimping on security. The SMA 100 series is compatible with all commonly used devices across Windows, iOS, Mac OS X, Android, Linux, Kindle Fire, and Chrome, to provide mobile users secure access to network resources including shared folders, client-server applications, intranet sites, email, and remote and virtual desktop services.

This helps IT to become the “Department of YES” by enabling administrators to configure security policies that provide best-in-class, context-aware authentication that grants access only to authorized users through trusted devices. New functionality enhancements in OS version 8.5 include:

  • Policy Wizards ‒ Easy-to-use wizards to deploy policies for OWA, ActiveSync, Outlook Anywhere and Autodiscover. This saves IT administrators considerable time for the most commonly created policies, making them more productive, and it lowers the company’s overall TCO.
  • HTML5 Enhancements ‒ Provide end users with a rich access experience within their own choice of web browser, eliminating their need to download, install and maintain additional software on their systems. Everything can be run from within the context of the browser window, making connection to resources very easy and with zero-day support of all major operating systems and browsers.
  • Virtual Host Multicore Support ‒ Increases resource capacity of host resources that can be accessed by SMA to provide greater reliability and performance at higher concurrencies of connected users. With this additional resource capacity, concurrent user maximum increases from 50 to 250. Lastly, to align across the entire portfolio, this product previously known as “SRA SMB Virtual Appliance” has now been renamed “SMA 500v.”

In addition, noteworthy recent functionality enhancements to Dell SonicWALL SMA 100 series include:

  • Web Application Firewall (WAF) Enhancements ‒ Helping to secure internal web applications from remote users, the Dell SonicWALL award-winning WAF engine has been enhanced to detect additional exploits and threats. This allows customers to ensure that confidentiality of data and internal web services remains uncompromised if a malicious or rogue authenticated user should gain access.
  • Geo IP Detection and Botnet Protection ‒ Gives customers a mechanism to allow or restrict user access from various geographical locations. This also provides additional protection from a compromised endpoint participating in a botnet, further verifying the validity of the connecting device.
  • End Point Control (EPC) Enhancements ‒ Various enhancements to the SMA EPC engine provide greater assurance that the endpoint accessing the network is trusted and not malicious.

 

Dell SonicWALL SMA 100 Series OS 8.5 Availability

This SMA 100 Series OS 8.5 upgrade will be available in July at no cost to customers with active support contracts in place.


SonicOS 6.2.5 For Dell SonicWALL Released

April 1, 2016 – Dell Security today announced the release of SonicOS 6.2.5 for Dell SonicWALL SuperMassive, NSA and TZ Series firewalls. This new firmware extends security to Dell switches, wireless access points and firewalls by consolidating the management of the converged network infrastructure.

The release also significantly advances capabilities associated with inspecting encrypted traffic, a major threat vector in today’s malware economy, and meets strict certification requirements of the US Department of Defense.

 

Making Network Management Simpler and More Efficient

SonicOS 6.2.5 simplifies support for Dell Security partners by providing one version of firmware to handle the majority of Dell SonicWALL products. The new SonicOS also increases connection counts on encrypted HTTPS sessions, enabling stronger encryption support and expanding government certification for high security applications.

It simplifies network management for both distributed enterprises and managed service providers by allowing management of the Dell Networking X-Series switches by SonicWALL TZ series firewalls and SonicWALL Global Management System, enabling central management of distributed converged networks. This release also improves performance, increases flexibility and makes systems more secure against today’s more sophisticated attacks.

“The life of a security officer in any sized organization is not easy, no matter what the industry. With the introduction of SonicOS 6.2.5, Dell Security has made strides to make their lives easier. The new OS has features designed to enable a converged infrastructure across switching, wireless, and security, allowing organizations to do more with less and reduce the complexity of network management,” said Han Chon, director, Security and Endpoint Systems Management, Dell Asia Pacific & Japan. “This is yet another innovative offering we deliver to help our customers navigate today’s rising threat landscape, keep their network secure and workforce productive.”

 

Highlights Of SonicOS 6.2.5

  • New Dell Networking X-Series Switch Integration: Organizations now can effectively manage Dell X-Series switches as an extension of the Dell SonicWALL TZ series firewall functionality, providing single-pane-of-glass management of all network infrastructure, including SonicWALL TZ firewalls, Dell X-Series switches, SonicWALL SonicPoints and SonicWALL WAN Acceleration devices. The ability to centrally manage all of the switches, firewalls and wireless access points in an increasingly dispersed network is a significant benefit for organizations in all industries. Dell SonicWALL TZ Series integration with the Dell Networking X-Series switches delivers the necessary security and expandability without the burden of having extra management consoles that increase complexity, overhead costs, and result in the potential for misconfiguration and non-compliance issues.
  • DPI SSL Enhancements: The recently published 2016 Dell Security Annual Threat Report shows a 50 percent surge in encrypted traffic ‒ including encrypted malware ‒ affecting millions of users in 2015. Continuing Dell Security’s commitment to deep packet inspection (DPI) on encrypted traffic, multiple DPI SSL enhancements to SonicOS 6.2.5 provide more efficient inspection of DPI SSL traffic, as well as improved troubleshooting, better scalability and better certificate support. Key enhancements include:
    • CFS category-based exclusion/inclusion of encrypted connections for efficient standards compliance (PCI, HIPAA)
    • Strengthened Encryption Methods (TLS 1.2, SHA256)
    • Increased default Certificate Authority (CA) database
    • Improved troubleshooting for encrypted connection failures
    • Finer granularity for encrypted connection exclusions based on alternate domain names (excluding youtube.com vs. *.google.com)
    • Refreshed GUI for easy-to-use configuration of encrypted connection processing

 

Dell SonicWALL Products Approved for use by the Department of Defense

Dell Security has achieved prestigious Department of Defense certification for Dell SonicWALL next-generation firewalls. Based on stringent Security Technical Implementation Guide (STIG) testing, designated Dell SonicWALL firewall products now are certified for the DoD Unified Capabilities (UC) Approved Products List (APL), and qualified for use by Department of Defense (DoD) agencies in the United States.

 

SonicOS 6.2.5 Availability

  • SonicOS 6.2.5 is available on Dell SonicWALL SuperMassive 9600/9400/9200, NSA6600/5600/4600/3600/2600 and TZ600/500/500 W/400/400 W/300/300 W/SOHO W next-generation firewalls worldwide, through the channel.
  • A complete list of the new features found in SonicOS 6.2.5 is available in this datasheet.
  • The Dell SonicWALL TZ600/500/500 W/400/400 W/300/300 W next-generation firewalls with integrated Dell X-Series switches running SonicOS 6.2.5 are now generally available through the channel.


Dell SonicWALL Capture ATP Service Launched

March 8, 2016 – Dell has announced the launch of the Dell SonicWALL Capture Advanced Threat Protection (ATP) Service, which enhances organizations’ ability to safeguard against today’s shape-shifting cyber threats. Taking a first-to-market, adaptive, multi-engine sandboxing approach, Dell Security is incorporating the VMRay third-generation Analyzer threat detection analysis engine with the Lastline Breach Detection platform and the Dell SonicWALL Sonic Sandbox threat analysis engine, to deliver a three-layer level of defense that organizations need to safeguard against today’s unknown threats.

This new cloud offering reinforces the commitment Dell Security has made to delivering comprehensive protection against the meteoric growth of zero-day attacks targeting businesses today, as identified in the Dell Security 2015 Threat Report.

Today, organizations of every size are targeted by a diverse range of cyber criminals who continually seek, find and exploit security holes in applications and infrastructure to gain access to the network, often perpetrating serious harm within minutes.

According to the newly published 2016 Dell Security Annual Threat Report, the Dell SonicWALL Threat Research Team documented a 73 percent increase in unique malware samples collected over the previous year. Most of these threats were targeted, evasive and zero-day attacks found across computing systems and devices.

With smarter threats and malware often designed to detect the presence of a virtual sandbox and evade discovery, organizations need an intelligent, advanced threat detection system that not only analyzes the behavior of suspicious files, but also uncovers hidden malware without being detected itself.

Industry analyst firm Gartner stated, “IT risk and security leaders must invest in technical, procedural and human capabilities to detect when a compromise occurs. They must provide the tools for first responders to react quickly and investigate the source and impact of breaches, compromises and incidents.”

 

Dell SonicWALL: Evasion-Proof Protection Against Zero-Day And Advanced Persistent Threats

The triple combination of VMRay Analyzer and Lastline Breach Detection with Dell SonicWALL Sonic Sandbox sandboxing engines, which analyzes suspicious objects in parallel, delivers a virtually evasion-proof security solution that not only analyzes the file and reports malicious file behavior, but automates security by blocking malware at the gateway until a verdict is determined. SonicWALL Capture conducts not only virtual sandbox analysis, but also full system emulation and hypervisor-level analysis across all key OS environments, and file types for virtually any file size.

Further infiltration of the identified malware/threat is prevented with fast deployment of remediation signatures through the Dell SonicWALL GRID, Dell Security’s cloud forensics platform that leverages real-time analytics from more than one million connected next-generation firewalls (NGFWs) worldwide. The service scales to specific organizational needs by leveraging the cloud subscription service delivery model, which works in concert with all Dell SonicWALL NGFWs.

 

Dell SonicWALL Availability

  • The Dell SonicWALL Capture ATP Service solution is currently in a comprehensive beta evaluation and will be available for purchase by mid-year 2016.
  • Sign up to participate in the Dell SonicWALL Capture ATP Protection Service beta program.
  • Dell Security solutions are available worldwide, both direct and through channel partners.

 


Dell Security Annual Threat Report 2016

KUALA LUMPUR, Malaysia, February 23, 2016 – Dell today announced the results of the Dell Security Annual Threat Report detailing the cybercrime trends that shaped 2015 and identifying top emerging security risks for 2016.

The report, based on data collected throughout 2015 from the Dell SonicWALL Global Response Intelligence Defense (GRID) network with daily feeds from more than one million firewalls and tens of millions of connected endpoints, Dell SonicWALL network traffic and other industry sources, equips organizations with practical, evidence-based advice so they can effectively prepare for and prevent attacks.

This year’s report details four developing trends in cybercrime.

  1. The evolution of exploit kits to stay one step ahead of security systems.
  2. A continued surge in SSL/TLS encryption that is giving cybercriminals more opportunities to conceal malware from firewalls.
  3. The continued rise of Android malware.
  4. A marked increase in the number of malware attacks.

“Many of the breaches in 2015 were successful because cybercriminals found and exploited a weak link in victims’ security programs due to disconnected or outdated point solutions that could not catch these anomalies in their ecosystem,” said Curtis Hutcheson, general manager, Dell Security. “Each successful attack provides an opportunity for security professionals to learn from others’ oversights, examine their own strategies and shore up the holes in their defense systems. At Dell Security, we believe the best way for customers to protect themselves is to inspect every packet on their network and validate every entitlement for access.”

 

Threat Findings From 2015

One of the best ways to predict and prepare for emergent threats is to analyze information about recent breaches. Dell’s predictions and security recommendations for 2016 revolve around four key findings from 2015:

1. Exploit kits evolved to stay one step ahead of security systems, with greater speed, heightened stealth and novel shapeshifting abilities.

In 2015, exploit kit behavior continued to be dynamic, creating a rise in the number and types of kits available. The year’s most active kits proved to be Angler, Nuclear, Magnitude and Rig. The sheer volume of exploit kits available gave attackers limitless opportunities to target the latest zero-day vulnerabilities, including those appearing in Adobe Flash, Adobe Reader and Microsoft Silverlight. Dell SonicWALL noted a few key evolutions in 2015’s exploit kits, including:

  • Use of anti-forensic mechanisms to evade security systems – In September 2015, the Dell SonicWALL Threat Research Team discovered a major, unclassified exploit kit, which the team named Spartan. This kit effectively hid from security systems by encrypting its initial code and generating its exploitative code in memory, never writing to disk.
  • Upgrades in evasion techniques, such as URL pattern changes – Dell SonicWALL observed the Nuclear exploit kit first using search?q as part of the URL for its landing page redirect campaign in September 2015. In October 2015, this URL segment changed to /url?sa, making it difficult for anti-virus software and firewalls to keep up. It was also common for kits to check for anti-virus software or virtual environments, such as VMware or VirtualBox, and to modify their code accordingly for higher success rates.
  • Changes to landing page redirection techniques – Cybercriminals no longer necessarily use standard document.write or iframe redirection. In 2015, some of the larger attacks like Magnitude used steganography, which involves concealing the file, message, image or video within another file, message, image or video.
  • Modifications in landing page entrapment techniques – Some attacks directly called JavaScript’s functions to determine the browser and plugins victims were using, rather than leveraging the entire JavaScript PluginDetect library in plain or obfuscated form.

2. Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption continued to surge, leading to under-the-radar hacks affecting at least 900 million users in 2015.

Using SSL/TLS encryption, or HTTPS traffic, skilled attackers can cipher command and control communications and malicious code to evade intrusion prevention systems (IPS) and anti-malware inspection systems. These attacks can be extremely effective, simply because most companies do not have the right infrastructure to detect them. Legacy network security solutions typically either don’t have the ability to inspect SSL/TLS-encrypted traffic or their performance is so low that they become unusable when conducting the inspection.

Attackers took full advantage of this lack of visibility, coupled with the growth of HTTPS traffic throughout the year. In August 2015, an attack leveraged SSL/TLS encryption to disguise an infected advertisement on Yahoo, exposing as many as 900 million users to malware. This campaign redirected Yahoo visitors to a site that was infected by the Angler exploit kit. An additional 10 million users were likely affected in the weeks prior by accessing ads placed by a marketing company called E-planning.

Dell SonicWALL noted an increase in the number of HTTPS connections, as well as geographical differences in its use:

  • In the fourth quarter of 2015, HTTPS connections (SSL/TLS) made up an average of 64.6 percent of web connections, outpacing the growth of HTTP throughout most of the year.
  • In January 2015, HTTPS connections were 109 percent higher than in the previous January. Furthermore, each month throughout 2015 saw an average of 53 percent increase over the corresponding month in 2014.
  • On virtually opposite ends of the spectrum, HTTPS made up 81.6 percent of web connections in North Korea in 2015, while it made up only 34.4 percent in South Korea. China had by far the lowest HTTPS usage at only 8.63 percent of web connections.

3. Malware for the Android ecosystem continued to rise compared to 2014, putting the lion’s share of the smartphone market at risk.

In 2015, Dell SonicWALL saw a wide range of new offensive and defensive techniques that attempted to increase the strength of attacks against the Android ecosystem.

Stagefright was, in theory, one of the most dangerous vulnerabilities ever discovered for Android. The vulnerability was embedded deeply in the Android operating system and affected all of the estimated 1 billion devices running Froyo 2.2 to Lollipop 5.1.1. Thankfully, Dell SonicWALL and other security organizations observed no infections from Stagefright before Google discovered and patched it.

Dell SonicWALL noted a few emerging trends among the attacks against Android devices in 2015:

  • Android-specific ransomware began to gain popularity throughout the year. In September 2015, Dell SonicWALL observed a new ransomware variant that added a randomly generated PIN to the typical ransomware lock screen.
  • Android malware writers continued to find innovative ways to evade detection and analysis. In 2015, they began shipping malicious code as part of a library file, rather than a classes file, which is more commonly scanned by anti-virus software. Taking this a step further, 2015 saw the rise of a new Android malware called AndroidTitanium that stored its malicious contents on a Unix library file in the lib folder as libTitaniumCore.so. This .so file was loaded as a native library by the classes from the classes.dex file. By simply referring to the content saved somewhere else, the malware kept the classes.dex file itself free of malicious content.
  • The financial sector continued to be a prime target for Android malware, with a number of malicious threats targeting banking apps on infected devices. In November 2015, Dell SonicWALL discovered an Android campaign created to steal credit card and banking-related information from infected devices. Many of the malicious Android packages (APKs) in this campaign used the official Google Play Store as a conduit to trick victims into entering their credit card information. Some also monitored a few hardcoded apps, particularly financial apps, in order to steal login information. These malicious apps could also remotely execute commands received via SMS messages and transfer device-related data to the attackers.

4. Malware attacks nearly doubled to 8.19 billion; popular malware families continued to morph from season to season and differed across geographic regions.

In 2015 alone, Dell SonicWALL received 64 million unique malware samples, compared to 37 million in 2014. Moreover, the number of attack attempts almost doubled, from 4.2 billion in 2014 to 8.19 billion in 2015. This pervasive threat is wreaking havoc on the cyber world and causing significant damage to government agencies, organizations, companies and even individuals. Sometimes malware narrowly targets one population by design; sometimes it affects certain groups more heavily for external reasons.

The type of malware in circulation that Dell SonicWALL observed in 2015 varied widely across timeframes, countries and interest groups:

  • Long-lasting malware – The Dyre Wolf corporate banking Trojan was one of the most active malware variants of the year. It came onto the scene in February of 2015 and remained somewhat active through December. By April, companies had already lost between $1.5 and $6.5 million to Dyre Wolf. Dyre Wolf enjoyed such a long lifespan for several reasons including its profitability (attractive to attackers), frequent binary code updates, sophisticated anti-detection techniques and ease of spreading. The combination of Dyre Wolf and Parite topped malware network traffic through 2015. Other long-lasting malware included TongJi, a widely used malicious JavaScript by multiple drive-by campaigns; Virut, a general cybercrime botnet active since at least 2006; and the resurgence of Conficker, a well-known computer worm targeting the Microsoft Windows operating system since 2008.
  • Geographically dominant malware – There was a strong geographic correlation to the popularity of individual malware variants throughout 2015. One geographical attack that made its political intentions clear was the Upatre Trojan, which was dominant in Germany in June and July 2015. Upatre presented compromised users with an anti-drone message, urging victims to stand up to the U.S. Government against the use of drones in war. In October and November 2015, the Spartan exploit kit discovered by Dell SonicWALL was most highly concentrated in Russia. Meanwhile, the Windows XP malware CVE-2010-2568 was extremely popular in India, where the operating system is still in widespread use.

Key Industry Observations of 2015

In today’s connected world, it’s vital to maintain 360 degrees of vigilance. Your security program extends from your own software and systems, to employees’ training and access, to everyone who accesses your network or data.

 

Predictions for 2016

Based on our 2015 observations and industry knowledge, we predict four trends to emerge in 2016:

1. The battle between HTTPS encryption and threat scanning will continue to rage, as companies fear performance trade-offs.

2. Many Flash zero-day viruses were discovered and exploited in 2015.

However, this number will drop gradually because major browser vendors, such as Google and Mozilla, have stopped supporting Flash plugins.

3. Malicious threats will target Android Pay through the vulnerabilities of Near Field Communication (NFC).

These attacks may leverage malicious Android apps and point-of-sale (POS) terminals, tools that are easy to acquire and manipulate for hackers.

4. In July 2015, Wired magazine reported that two hackers remotely gained control of a 2014 Jeep Cherokee.

There are few cars currently equipped with Android Auto, but with time the number is expected to grow. We can expect malicious entities to invade this new frontier soon, possibly via ransomware (where the victim must pay to exit the vehicle) or even more dangerous intent.

 

Final Takeaways

Once again in 2015, a massive number of breaches succeeded against organizations who thought they were doing everything right. The solution is for companies to approach security as an end-to-end problem. From the creation and storage of data to its consumption and every transit channel in between, if security is weak at any point, the whole system risks collapsing.

Picture a security program as one of architecture’s most fundamentally stable shapes: the arch. If all the pieces of the arch are in place, it’s an unshakeable structure, even gaining strength as it gains load. However, if one of the pieces of the arch is missing or flimsy, the arch will crumble under the slightest weight, no matter how strong the other bricks are.

For security professionals, that means examining your program from every angle, asking each of the following questions:

While absolute perfection may be unattainable, striving for a near-perfect level of security across the board is the only way to avoid breaches like those experienced in 2015. That means it’s up to IT leaders like you to create strong policies that extend to all departments of their organizations. It’s equally imperative to communicate why those policies are important and to maintain oversight of their execution.

Be knowledgeable, be methodical, and finally, be a strong champion for end-to-end security in your organization. The best way to ensure your organization does not become a victim of data breaches is by learning from the mistakes of organizations that have.

 
