Category Archives: Cyber-security

Cyber security is a very special area that experts describe as "dreadful". It concerns computers, smartphones, connected devices… all this little world sensitive to Internet security.

What IT security teams do when they're not dedicated to their work

6 hours is the time that IT security teams spend in leisure during their working time. Leisure that are mostly digital…

In the report published by the cybersecurity firm Kaspersky, Kaspersky IT Security Economics, a study that is dedicated specifically to all practices carried out daily in the cybersecurity trades, it is said that 85% of IT security teams in the world use their working time to distract themselves. This figure is 78% in Europe.

This time used in to distract themselves in working conditions is estimated at 6 hours per week worldwide. In Europe this is estimated at 5 hours per week. This is equivalent to one hour more than other company staff.

This article will also interest you: How to build a good security team despite the lack of competence

The reasons that are generally cited for this situation would be the need to distract yourself from the stress caused by the excessive workload. One reason that is used to often justify resigning from one's job says computer security.

"Business cybersecurity missions can mean routine and repetitive tasks, which can affect both productivity and motivation at work. In addition, the shift to remote work has made the line between working and personal time even more blurred. This combination of factors can lead to situations where employees are often distracted in their work. "The report explains.

It should be noted that the study carried out by the Russian computer security company "IT Security Economics" was carried out among 5,200 IT security and IT professionals. It was conducted in 31 countries. It should be noted that this study highlights the most common extra-professional activities carried out by IT security teams. We're talking about:

– Reading up to 42%

– viewing videos on YouTube, which accounts for 37% of the practices

– the use of social networks, which accounts for 32% of the practices

– watching series and films that are 34%.

The study found that employees in Europe, unlike others in the rest of the world, are generally less distracted from their working time so it gives less of an extra-professional activity.

From a practical point of view, Kaspersky's report highlights overwork as a key element to be taken into account when organising the working days of the different teams. According to 46 per cent of employees worldwide, and 42 per cent on a European scale, their colleagues have abandoned their positions because of the workload considered too high. Yet due to leisure time, these workloads do not seem that high. However, 48% of employees worldwide and 43 at the European level felt that distraction is perceived as necessary between different tasks to be carried out. This has absolutely nothing to do with boredom or lack of work.

It should also be noted that telework has brought its touch of change to the collaborative context. Indeed, there is the possibility of programming staff from now on at hours that are not usually reserved for work. Whether it's earlier in the day or later. In these often longer working conditions, employees feel the need to take breaks often in order to remain productive.

"The fact that employees spend time on leisure time during their working time is not a problem in itself, on the contrary. Especially if it is life-saving. I think we need to make sure that the missions are carried out properly, not to control the time that has been spent on distractions. On the other hand, if an employee lacks interest in his work and the company does not offer the best conditions for the missions to be carried out, it is normal for him to look for another activity to cling to, both in the company's premises and in remote work," comments Andrey Evdokimov, Kaspersky's Head of Information Security.

"Members of an IT team, like other services, need clear objectives and well-defined missions to achieve so that the quality and speed of their work can be assessed. Until expected performance is affected, there is no problem with a person devoting time to activities that distract them. On the other hand, if efficiency tends to decline or differs significantly from that of colleagues, attention should be paid. The objective of the manager is to inform employees as soon as possible of potential low productivity, so that they can together identify the cause of the problem and find solutions," recommends Sergey Soldatov, Head of Kaspersky's Security Operations Centre.

Now access an unlimited number of passwords:

Check out our hacking software

Cybersecurity: What if the federal Department of Public Safety has been lax?

Recently, a published report revealed that the federal Department of Public Safety poses a serious problem in terms of organization and compliance with computer security rules.

The administration would then be "lax" when using external device in media.

This article will also interest you: Computer security and human beings

"The federal Department of Public Safety intends to encrypt all data stored on desktops and laptops and disable all default USB ports when a software upgrade is completed in the department," the report said.

The intriguing part of the same report states that some employees who were no longer part of the department in question "still had privileged access to the network" while "some current employees have unnecessary administrative access to mission-critical applications."

It is following an audit carried out during last April is made public 11 July that the report was published

The little-noticed internal audit was completed in April and made public in July.

For his part, the author of the report advises to make several improvements to reassure the security of the department's computer systems. An administration that is responsible for most security-related institutions, such as the RCMP, the Canadian Intelligence Service or the Parole Board of Canada Correctional Service

It was after the arrest of the former DIRECTOR of the RCMP that report was made public. This is Cameron Jay Ortis, a former officer of the Royal Canadian Mounted Police.He was charged with disclosing secret information to a recipient who probably did not have the accreditation or even the right to do so. A disclosure that was made illegally. The investigation for the hypothesis of a foreign entity.

According to the audit report, there is no formal way for the ministerial administration to systematically identify, assess and analyze the risks that could be related to the security of all of their information technologies. The officials at the time had not thought instituted periodic reviews or even continuous monitoring of the whole has privileges to give access to the computer network.

For example, deleting an access when one leaves, you have them fill out a form. According to information received by inspectors, this form is rarely completed. Not to mention that the incidents in question were rarely followed when they involved technology services.

"The audit could not confirm that all computer security incidents were recorded and processed through appropriate channels to ensure that corrective action was taken in a timely manner. The report reads.

The report states that those directly involved in information technology management in the department were not adequately trained in the requirements for the processing of electronic files and the use of secure means of transmission.

"The transmission of sensitive PS information or documents to personal email addresses without additional protection such as encryption is also not monitored. "The report explains.

"The audit revealed that the Ministry of Public Safety does not keep records of the USB sticks that have been issued and that there are limited controls in place to identify if individuals are backing up sensitive information on a USB stick,"

"In addition, it does not retrieve USB sticks during security checks to examine their contents. There is therefore a risk that USB sticks may contain sensitive, unencrypted information that could constitute a security incident. the report read.

Faced with this situation, the ministry then proposes to encrypt all the data that will now be stored in the computers present in the offices of the ministry.

"Safety awareness and training must be conducted in a systematic and comprehensive manner to ensure that individuals are informed of their IT security responsibilities and maintain the knowledge and skills necessary to carry out their duties effectively," the report says.

Now access an unlimited number of passwords:

Check out our hacking software

Computer security and human beings

In the world Economic Forum's latest global risk report, it security gaps are an important part of classifications.

The question at this level is what steps should be taken to anticipate the problem and to plug it if possible.

This article will also interest you: Computer security: firefighters from a French community victims of cyberattack

In a rather simplistic approach to computer threats, it should be noted that the majority of computer attacks start with email. For all malware that is in circulation, their negative impact depends on the action of a user for that to be. On the hackers' side, tactics have changed. Indeed, they rely much more on human weaknesses. Their actions rely much more on phishing or social engineering companions, much less on sophisticated techniques. The plan is very simple: to push the targeted people to commit the blame themselves often by providing them with the necessary access.

"Today, the three most dangerous types of attacks used by cybercriminals for profit revolve around the human factor. These include the BEC (Business Email Compromise) or President's Scam, the compromise of email accounts (when real accounts are spoofed by cyber criminals) and ransomware attacks. ». Note Irene Marx, Country Manager, Switzerland and Austria at Proofpoint.

BEC-type computer attacks are usually fairly well-crafted or treacherous attacks. "Attackers usually send a clear text message that is not identified as a threat by most email security systems. Once the message has been delivered to the employee's inbox, it is up to the employee to assess the authenticity of the email. Often, the sender's address has been carefully falsified to mimic that of a superior or supply chain partner, while the content has been individually tailored to the recipient. If the latter is not aware of this type of attack, it is not impossible that he will transfer to a hacker account or send sensitive information such as corporate secrets to the supposed superior. With billions of dollars a year in damages, BEC attacks are now the source of most cyber insurance claims. Irene Marx.

70% of industry leaders believe that employees pose a very high threat to computer security, according to a study provided by Proofpoint.

If more and more companies are becoming aware of this reality, there is still a limit to be observed. Few companies train and educate their employees properly. In fact, 77 percent of companies only raise awareness and train their employees twice a year. And of course this is largely not enough given the current context where computer attacks are increasingly pressing and imminent.

"Only a multi-level security concept can effectively protect the organization: companies are required to invest in email security. They must ensure that attempted fraud and other email attacks are detected and do not reach the recipients' inbox. But user training should not be overlooked, so that employees are able to responsibly identify and process fraudulent emails in their inbox. Because it is only when technology and trained users work together that security in the company can be increased in the long run. "Describes the local Leader of Proofpoint.

In similar situations, it will be said that the IT security of companies relies in some way on employees. In light of this, Michele Rapisarda, Head of Large Accounts at Proofpoint in Switzerland and Austria, said: "We believe that a strong defence can only be achieved through the effective interaction of technology, processes and people. Regardless of their scale, the vast majority of cyberattacks have in common to start with an email and try to deceive a human— so we need a people-centered defense strategy. Training is a fundamental part of this approach, as are email security solutions that can detect suspicious messages at an early stage. ».

Now access an unlimited number of passwords:

Check out our hacking software

Cybersecurity specialist Olivier Laurelli aka Bluetouff: "We need to train in the face of cyber attacks"

As we can see all the time, computer attacks that target all sectors will not stop any time soon.

We see that they are multiplying more and more. Corollary of this situation, massive leaks of personal data. The question that everyone is asking today and who are these people behind these cyberattacks? What explains this increase in computer attacks? In addition, can computer attacks be linked to data leaks, especially medical data?

This article will also interest you: How to protect your company from computer attacks?

"It's very difficult to say who the people are behind this or that attack, but they are often the same mechanisms. Then you have to differentiate between two levels of attack: those that involve massive campaigns, and others on more targeted attacks. Massive campaigns, like those against hospitals, are mailing campaigns, and unfortunately, it's like when you fish for driftnet, it bites. And when it falls on a hospital it can lead to dysfunctions that are specific to the organization of the target organization," explains Olivier Laurelli, founder of the news site, hacker and computer security consultant in response to the last question.

Asked what might explain this increase in computer attacks compared to previous years, our specialist says: "Actually this situation is not new. But each public body has different needs in terms of data backup. A hospital, for example, has enormous needs, if you take all the medical imaging, for example. There needs to be much more backup dimensions than for others. But we know the difficulties that hospitals have in meeting basic needs, in terms of equipment, staff, salaries of caregivers. So computer security often comes second, unfortunately."

But one question remains quite difficult to answer. It's knowing what might motivate hackers in this momentum. Only for money or in a desire to destabilize your system? It is clear that from a certain point of view, the money hypothesis may well be justified in some way. Especially when we see that the ransoms demanded today by cyber criminals are high enough. Of course this cannot explain all this reality. It can't just be that. "Now I think we are more in mafia mechanisms, in the desire to get money out. Destabilizing a system, I do not think we are there yet. After that it can become so, if you don't take care of it, and you let your guard down. So there is no quick fix, we have to do prevention, train the staff. Everything goes through that, especially at a time when we need to telework more, to exchange encrypted data. It's something that is acquired and takes time" gives his point of view, Olivier Laurelli.

Now access an unlimited number of passwords:

Check out our hacking software

Telework: Community data security must be a priority

With the health context, the various services, whether private or public, have had to resort in some way to remote collaboration.

Unfortunately, this collaboration is not without risk. The risk here is well known. It's cyber malice. Hackers are taking advantage of certain misbehaviour in digital hygiene to initiate more and more computer attacks. Communities in the face of this situation are fragile. And this is not done to arrange data management being under their responsibilities.

This article will also interest you: Computer security: teleworkers, prime targets for hackers

"Inaccessibility of websites, theft of sensitive data, ransom demands using malware (ransomware), hacking of Twitter accounts and other social networks, etc. The risk of cyberattacks has increased with the containment that has forced telework to many agents. Indeed, remote work has developed in a hurry, mostly without a suitable security framework: a boon for hackers. We need to be aware that cybercriminals are on the lookout for all (good) opportunities to infiltrate the computer systems of individuals, businesses, communities and even the state. The mass spread of telework and distance education gives them an opening," points out Olivier Daroux, the head of cybersecurity at SMACL Insurance, who is also a member of the Club of Information Security and Digital Security Experts, Cesin, who is trying to provide some advice on security.

Indeed, it is clear to everyone that the proliferation of connected workstations also means the multiplication of attack vectors. In communities, staff can easily open the door to cybercrime, such as a corrupted email or by accidentally installing malware. When the work has to be done on a personal terminal, the risk seems much greater. Indeed, on personal devices, it is not uncommon for the user to be much more relaxed in terms of prevention and computer security. Of course the task becomes much easier for cyber criminals

"Securing agents' remote work is therefore imperative to avoid cyber-piracy. In addition to integrating telework into IT security policy and appointing an IT Security Officer for Information Systems (RSSI), practices that are still uncommon in communities, the focus must be on raising awareness among officers and elected officials.The abuse of professional resources for personal activities can increase risky behaviours," stresses Clusive.

Indeed, we can see that the majority of computer attacks, draw their source from the lack of vigilance of users. As we know, cyber hacking practices are classic. Whether it's phishing or any other means, all techniques are already known and scrutinized. But if it continues. This is surely because users are stubborn enough not to follow the rules necessary for their computer security. And it affects the whole group especially when these people are in a company or in a team.

Now access an unlimited number of passwords:

Check out our hacking software