Wanna.Cry. Why Was This Cyber Attack So Damaging?

wannacry-seccom-global

Around 15 April, 2017 a group known as the Shadow Brokers released a trove of exploits that were allegedly stolen from the US NSA FuzzBunch toolkit. One of these exploits, codenamed EternalBlue, takes advantage of a vulnerability in Microsoft’s Server Message Block (SMB) protocol. EternalBlue provides local privilege escalation via remote code-execution, thereby allowing malware or an attacker to gain control of unpatched systems without user interaction. This vulnerability was patched by Microsoft on March 14, 2017.

On 12 May, 2017 computers around the world began to be infected by the WannaCrypt ransomware. It has been reported that up to 70,000 systems within Britain’s NHS were subsequently infected. The initial infection is thought to have been via a spear phishing attack and reporting suggests that the attack has not been political in nature. WannaCry began rapidly spreading by automatically infecting network-connected PCs using worm-like behaviour.

If you are uncertain that you are suitably prepared for a threat such as WannaCrypt, call Seccom Global on +61 2 9688 6933.

Find out more in our latest whitepaper.

Death of a Domain

Death of a Domain

 

Your website is the lifeblood of your business, especially if you run an ecommerce site. But what happens to your business when your website is hijacked?

Read this whitepaper to discover how one business inadvertantly lost complete access to their website after partnering with an untested supplier.

Read Whitepaper

Securing the Public Cloud

Securing the Public Cloud

Cyber-attacks upon Australian businesses have been increasing exponentially, due in part to the quick uptake of mobility and cloud computing. This White Paper highlights several solutions to address this growing problem.

Download the White Paper to discover how you can protect your organisation’s cloud data.

 

Read Whitepaper

SecureSTREAM Protecting Ecommerce Websites

White Papers - SecureSTREAM

This Whitepaper will attempt to address some of the reasons a shopper may buy or not buy online, while looking at some of the concerns associated with e-commerce.  The information in this paper will hopefully provide you a greater understanding of what is required to get better traction to your e-commerce site and ensure your site is protected.

Read Whitepaper

 

Software Defined Networks (SDN) Change Everything

Software Defined Networks – SDN will change the way we design, build and manage the networks of the future. Building networks that are no longer proprietary and difficult to manage and which give the network owner more control is the basis on which SDN has been developed.

Cloud based services, mobility and the movement from hosting solutions on a physical premises to being hosted in Data Centres, has made the traditional model of building networks in layers, no longer tangible. These are some of the problems SDN is being developed to address.

This Whitepaper has been written to introduce you to SDN and to assist you in understanding what SDN is being designed to accomplish. There is a lot of information written on SDN and it is easily found on the internet. I hope this paper helps you to begin the journey of understanding.

Read Whitepaper

Understanding Botnets

Arguably, the popularity of Botnets over IRC (Internet Relay Chat – IRC, is a form of real-time messaging or synchronous conferencing over the Internet) stemmed over a decade ago with the EggDrop bot. The ‘EggDrop’ bot (circa 1994) was a non-malicious automated program that could enter an IRC channel and offer various automation and information services to users such as conversation logging, information lookups and replaying IRC command sequences. Eventually EggDrop evolved and was able to connect to other EggDrop bots located on different IRC channels and servers, creating a type of overlay network.

Download Whitepaper

The Attacker Within

As enterprise defenses evolve, so too do the attack vectors leveraged by those seeking to bypass such controls. We are entering an era where attackers are no longer working to punch a hole in the fortress surrounding enterprise IT assets from the outside – they don’t need to – they’re already inside. Thanks to the meteoric rise in the importance of web-based traffic and a laundry list of vulnerabilities in web-aware applications on the desktop, end users are now being turned into enablers for enterprise attacks.

Download Whitepaper

Advanced Security

Leveraging a purpose built architecture capable of high-speed content inspection, the Seccom solution inspects all web traffic in real-time. Content inspection covers not just the URL but also all headers and the full body of all requests and responses. Inspection at this level is vital to ensure security on the web today, which is dominated by dynamic, user-supplied content. Seccom Global’s advanced security implements inspection at four levels – Knowledge of Destination, Payload, Application and Content to ensure that threats are mitigated using increasingly comprehensive scanning techniques.

Download Whitepaper

Your browser wears no clothes

Attackers once viewed browsers as targets for attack. Now, browsers are becoming facilitators of attacks. Browsers are simply a door, which permits access to the data that the attacker is after. The difference here is that a vulnerability does not have to be identified and exploited on the browser itself.

Download Whitepaper

Secure Virtualised Desktop Deployment

For many years providing applications to users has proven to be more challenging than initially perceived. After all, it is providing these applications as business enablers making business function regardless of whether that application be email, web, word processing, spreadsheets or some other legacy application.

Download Whitepaper