
IT Security Rewind – Week of November 14, 2011

The Thanksgiving holiday is a great time to reflect on the things we are grateful for in IT security, like data protection, fraud prevention, identity management and other preventative approaches. Here’s our look at the biggest stories of the week, where those approaches may have failed. IT teams, take note: don’t let these headlines ruin your turkey dinner.

From Russia, with No Love: According to reports from Wired and CNET, hackers from Russia were able to destroy a water pump at a utility in Illinois by hacking into its SCADA system. This is a disturbing attack, as the hackers apparently breached the network of the company that made the SCADA system, stealing customer usernames and passwords. Worse—this appears to be very similar in scope and process to the recent RSA breach, and it also highlights the continued vulnerability of SCADA systems to these types of attacks (and the importance of controlling privileged access points and hardcoded passwords).

No Safe Space: Details are just beginning to form surrounding news of a Romanian hacker accused of hacking into NASA beginning on Dec. 12, 2010. Authorities claim that the hacker was able to obtain unauthorized access to protected data—an indication that abuse of privileges may have occurred. The hacker, who ended up destroying most of the data, was arrested and charged with multiple crimes.

No One Loves the IRS, Especially the GAO: In broader security news, the Government Accountability Office (GAO) has blasted the Internal Revenue Service (IRS) for failing to implement stronger security measures after numerous reports regarding organizational weakness in internal control over information security. The GAO takes particular exception to the IRS’s “deficiencies in its controls over access to the automated systems and software applications” and other weaknesses that “increase the risk of unauthorized individuals accessing, altering, or abusing proprietary IRS programs and electronic data and taxpayer information.” If the details are true, it’s quite evident that the IRS is not effectively and proactively managing privileged accounts and identities.

That’s our news for this week—let us know what we missed, and what you are, or aren’t, thankful for in the realm of IT security!


Cyber-Ark Takes on Vegas: Virtualization Becomes a Reality and Why the Night Shift is Not a Deterrent

Cyber-Ark's Customer Event

As I walked around the beautiful and magnetic Cosmopolitan hotel in Las Vegas, the venue for our fifth annual North American Customer Event, it was fulfilling to reflect on how far we have come in the past year. Our vision for proactively protecting sensitive assets has taken on a greater sense of urgency and is becoming increasingly important not only from a security and compliance perspective, but also from a business continuity standpoint.

Cyber-Ark has continued to grow across all aspects of our business – with consistent quarter-over-quarter revenue growth, a global management team with expanded depth and experience, and the addition of more than 200 new enterprise customers for a total of more than 950 global customers.  In addition to several enhanced solutions announced over the past year, we chose this event to unveil the latest version of our Privileged Identity Management Suite, with version 7 featuring first-of-its-kind auto-discovery capabilities for proactively detecting privileged accounts within virtualized environments to support security and compliance priorities across the data center.

Last year, for many customers, managing, monitoring and controlling privileged accounts in virtualized environments was a discussion only in its very nascent stages.  Today, those challenges are quickly coming to the forefront as organizations take advantage of the numerous operational and cost benefits associated with virtualized technologies.  However, as we highlighted in our new Privileged Identity Management Suite announcement, that adoption also leads to exponential security risk specifically related to the rapid provisioning of new virtual machines, and managing and monitoring related privileged access and activity. Additionally, organizations need to continue to be acutely aware of the risks of attacks targeting hypervisor privileged accounts, given their massive, high-level access to potentially thousands of virtualized servers, databases and applications.

In fact, our keynote presenter, Joji Montelibano, who leads the Insider Threat Technical Solutions and Standards team at CERT, provided a riveting presentation with details on the types of threat cases his team tracks and analyzes – from sabotage and fraud to IP theft and espionage. He shared one story detailing a near-catastrophic network meltdown after a poorly performing IT administrator had been demoted to the night shift. Bad move, says Joji, who shared insight into the “30 day rule”: CERT finds most theft occurs within 30 days of someone leaving their job. Joji also shared advice on steps attendees should take within three months of his presentation, such as establishing an incident handling plan, along with suggestions on how to better manage the insider threat through continuous logging, targeted monitoring and real-time alerting.

We thoroughly enjoyed the spirited and insightful customer discussions during this event, and learning more about how our solutions are being used to address current and emerging security, process and operational pain points across the enterprise.  I would also like to extend my gratitude to our spectacular Cyber-Ark team who were instrumental in making this such a memorable event.

And, our team isn’t slowing down! After attending MILCOM, this week, Cyber-Ark hits the road again, traveling to participate at the Gartner Identity & Access Management Summit as well as the Cloud Security Alliance Congress.  Please let us know if you plan to attend either of these events and what you hope to gain from your experiences at the shows.