Hyundai and Seccom Global: A Secure Partnership Six Years Strong

The search for the right IT provider is something many organisations struggle with. Negative experiences – due to a number of factors – mean that few IT service provider and customer relationships stand the test of time.

This is the story of how the development of understanding and trust has led to a successful partnership which has endured.

As one of the world’s leading automotive companies, Hyundai has always stayed ahead of the technology curve. Hyundai Australia quickly saw the value in Seccom Global’s SecureLAN managed firewall offering.

Hyundai’s Head of Infrastrure and Operations, Kawa Farid, said the company looked at a number of options in 2011 when they were looking for a new firewall solution.

“We had the opportunity to buy the firewalls and have them managed by our own team, but there were a number of factors we took into consideration,” he explained.

Chief among these factors was cost. Moving to an operational expenditure model was the first goal due to the savings the company could achieve.

“In this case, having limited resources meant that a managed solution was preferable due to the added benefit of 24/7 monitoring,” he said. “The around the clock monitoring of the network is such a critical part of our operation and by using SecureLAN, I can free up my team to cover other essential tasks.”

By deploying SecureLAN, Hyundai gained one of the most important assets any company can have, time.

“From my side the real benefits are the 24/7 monitoring and the pre-emptive monitoring that Seccom Global provides. This is an area where we cannot afford to make any mistakes,” Farid said.

“To protect us from threats, there are a raft of subject matter experts at Seccom Global monitoring our firewall and they can take pre-emptive action to protect us against threats.

“Cyber security skills are very limited across the industry and so having a team of specialists dedicated to monitoring our environment is a scenario we would not have been able to create without the partnership with Seccom Global.”

This has allowed Farid and his team to concentrate on other areas of the business such as storage infrastructure and support.

“This is the area that has really benefited from the Seccom Global solution, we have been able to free up the team’s time which is increasingly important as they are already overburdened by other tasks.”

“What has worked really well for us over the past ten years we have been working with Seccom Global is the agility of the team. They are giving their customers the right level of attention and are able to accommodate our needs as soon as they change due to an incident for example.”

Wanna.Cry. Why Was This Cyber Attack So Damaging?

wannacry-seccom-global

Around 15 April, 2017 a group known as the Shadow Brokers released a trove of exploits that were allegedly stolen from the US NSA FuzzBunch toolkit. One of these exploits, codenamed EternalBlue, takes advantage of a vulnerability in Microsoft’s Server Message Block (SMB) protocol. EternalBlue provides local privilege escalation via remote code-execution, thereby allowing malware or an attacker to gain control of unpatched systems without user interaction. This vulnerability was patched by Microsoft on March 14, 2017.

On 12 May, 2017 computers around the world began to be infected by the WannaCrypt ransomware. It has been reported that up to 70,000 systems within Britain’s NHS were subsequently infected. The initial infection is thought to have been via a spear phishing attack and reporting suggests that the attack has not been political in nature. WannaCry began rapidly spreading by automatically infecting network-connected PCs using worm-like behaviour.

If you are uncertain that you are suitably prepared for a threat such as WannaCrypt, call Seccom Global on +61 2 9688 6933.

Find out more in our latest whitepaper.

Death of a Domain

Death of a Domain

 

Your website is the lifeblood of your business, especially if you run an e-commerce site. But what happens to your business when your website is hijacked?

Read this whitepaper to discover how one business inadvertently lost complete access to their website after partnering with an untested supplier.

Read Whitepaper

Securing the Public Cloud

Securing the Public Cloud

Cyber-attacks upon Australian businesses have been increasing exponentially, due in part to the quick uptake of mobility and cloud computing. This White Paper highlights several solutions to address this growing problem.

Download the White Paper to discover how you can protect your organisation’s cloud data.

 

Read Whitepaper

5 Reasons to Choose Seccom Global’s Managed Security Solutions

5 Reasons: Managed Security Solutions

Today’s Information Technology world is completely different than it was even 10 years ago. This can create a big headache for a company that hasn’t re-evaluated its IT security services for a few years. Technology is much more complex and more difficult to run & maintain than it used to be; rather than trying to address all the issues in-house, many businesses are now exploring the option of using managed security solutions.

Here are 5 reasons for Australian companies to consider Seccom Global’s managed security solutions if they’re looking to revamp their level of online security:

1 – Agile – Able to respond quicker than “the big boys” for a higher level of service

This is a primary reason to partner with Seccom Global. We have the ability to provide IT and Information Security Services (ISS) and are able to build out, assist with, and / or support the systems we install with ease and efficiency. Seccom Global provides a very high level of service for our clients’ investment with system-centric solutions for business networks. One of Seccom Global’s most unique features that sets us apart from the competition is our ability to be agile and quick to respond when our clients require our assistance.

2 – Customised Solutions – Not a “one size fits all” model

A successful cyber security company’s speed and agility comes from the systems they put in place and maintain for a business. They are able to customise a solution that meets the needs of the customer without introducing too much overhead. The supplier will be able to determine which features will help a client based on their specific needs, and which features will hinder their operations.

3 – Industry-Recognised Leader – #1 Managed Security Service Provider

Recognised as a leader in the field of Managed Security Service Providers (MSSPs) in Australia, Seccom has participated in such events as the On-line Retailer Conference and the e-Commerce Expo to assist retailers in maintaining digital security. Our presence and leadership at these events has helped strengthen Seccom’s position in the marketplace.

4 – Wide Range of Solutions – Able to meet almost any network security need

Seccom Global provides an extensive list of managed security solutions for clients who want to customise the network services being implemented for their business. Some of our managed network solutions include: managed firewalls and secure Internet connectivity, cloud-based virtual servers and hosting, disaster recovery and back-up services, design of wireless networks, SIEM security, IP telephony design, auditing and consulting, migration and technical support, and more.

The team at Seccom Global are experts in fitting all of these services together into a cohesive managed service that provides exactly what a business needs to move forward.

5 – Trusted by Reputable Companies

Seccom Global is the managed security provider for some of the top business brands in Australia, including Toyota, Breville, the RSPCA, LJ Hooker, the Australian Red Cross, and the Sydney Opera House. These companies trust Seccom Global to ensure their network security needs – and their brand – are protected against security threats.

They also look to Seccom Global for excellent customer support to keep their systems up and running without interruption. Seccom Global will continue to lead in the managed security space with their unique approach, fresh thinking and strong focus on customer service.

Contact Seccom Global about Managed Security Services Today

If you have questions about your organisation’s network security needs, or would like to find out more about Seccom Global’s managed security solutions, why not contact us today on +612 9688 9633 to start the conversation.

Loading...
Play Button Play Button

Arm yourself against CryptoLocker, CryptoWall ransomware with data backup

Malicious software can spread like wildfire on the Internet and encrypt your organisation’s files; unless you pay a ransom. But you can thwart these cyber crooks by having your data backed up at an off-site location.

 

CryptoLocker, CryptoWall, can take over your data before you know it

A nonprofit organisation had been in for an unpleasant surprise after 75 gigabytes of its data had been encrypted– all in just 55 minutes. A ransomware known as “CryptoWall version 2.0” had infiltrated one of its administration workstations unknowingly. Seven servers were at risk of loss, unless they paid a ransom of $500 to get the decryption key. Though the organisation had its backups, it would take days before a full system restore could be completed. Therefore, the organisation opted to pay the price in bitcoin. When the group got the decryption tool, it cost another 18 hours before all 75GB of data were restored.

It’s likely this could happen to your business, but there are steps that you can take to prevent it. But before you do, you need to know what you are up against. A malicious software identified as Troj/Ransom-ACP can take your data captive unless you pay money for it to be restored.

One such malware of this kind is the CryptoLocker, which is classified as a Trojan horse because it can penetrate computer systems undetected. It can enter your computer through email attachments or botnet, which attacks when your system has already been compromised with malware. Once it is inside, the CryptoLocker encrypts document files on your Hard Disks, shared networks and Cloud networks. It then connects to a public server that will yield a public-private key that will decrypt your files. The part of the public code will be sent to your computer, but the hackers that operate the malware will keep the private key. They will only provide it to you in exchange for a ransom, which can be paid in bitcoin or MoneyPak. These cyber crooks also install a clock on the desktop counting down to 72 hours as the time limit. Threatening you to pay within the prescribed time, if you do not agree to their terms they often destroy the key, causing the permanent loss of your files.

The perpetrators behind Cryptolocker and even another type of malware had been taken down in late May of 2014. Moreover, researchers from FireEye and Fox-IT had also been able to get a hold of the private decryption keys used in the Cryptolocker scheme, and help victims restore their files.

But unfortunately it did not end there. After CryptoLocker, a malware of the same strand emerged, known as CryptoWall 2.0. It is known to attack computers through infected online advertising channels on trusted websites. Hackers embed the malware on ads so that they can infiltrate the computers of users even if they have not clicked on anything. Meanwhile, the malware goes past the nose of advertisers due to the rigorous stages of the advertising process. These malvertising campaigns can be seen on websites such as Yahoo, The Atlantic and AOL.

The malicious software looks for a point of weakness in the user’s Flash player and other browser plug-ins, and stages its attack. Aside from this, CryptoWall also uses botnet to send infected email attachments that expand its capacity to infect computers. Unlike CryptoLocker, this malware only encrypts audio and video files, and it takes ransom payments in Bitcoin currency only.

To make matters worse, both CryptoLocker and CryptoWall have undergone developments to make them more destructive. Cryptolocker has evolved from a Trojan horse into a worm, allowing it to replicate itself. The malware can now spread through removable drives, and it could disguise itself as an activator for programs like Adobe Photoshop and Microsoft Office on file-sharing sites. On the other hand, CryptoWall has shifted from the HTTP network to TOR, which makes it more difficult for researchers to track it down.

CryptoLocker has been able to strike over 20,000 computers in Australia, leading some of the victims to pay the ransom. The cyber crooks behind this have become savvier now, posing as legitimate sources like Australia Post and the Australian Tax Office to make people open emails with infected attachments.  In fact, the ABC had to go off the air for 30 minutes due to an invasion of ransomware. This prompted ABC to transfer its broadcasting operations from Sydney to Melbourne. The staff of the news agency was deceived with fake emails from Australia Post.

With reports on these types of ransomware, it may seem like there is no way to escape their attacks. But there is always a way out. All it takes is a bit of vigilance, and backing up your data to protect yourself from these destructive software and those behind it.

So what can you do?

Since these types of malware attack your computer systems unknowingly, the best way to thwart their schemes is to implement a periodic backup of data. You should also have an alternate storage of information off-site, to further prevent invasion. This means using storage devices that are offline or simply those that are not hooked up to your computer. Your backup should have three copies for maximum security. Good candidates for offline storage devices include USB external hard drives or DVD recordable disks for data that do not need frequent updates.

You can also ensure a secure back up as well as recovery for your data through SecureDR. This solution offers off-site and real-time backup for your information depending on the level of protection that you need.Your server can be stored at a local SecureDR appliance, or your data can be duplicated at the company’s Data Centres. In this way, you can insure your business from costly loss of vital files and discourage these crooks from making money off your establishment. You may also ramp up security by minimising browser plugins and providing security trainings for your staff so that they will recognise potential malware in your system.

With the proliferation of these malware, there’s nothing wrong with taking a multi-faceted approach to data security and protection. Certainly, you will not want to abet these criminals in their schemes. Through these measures, you are able to stay one step ahead of these crooks while keeping your business safe and sound.

Fortinet Global Security Survey Report 2014

For the third consecutive year, Fortinet has commissioned an independent survey to get a view on the challenges enterprise IT leaders are facing in protecting their organizations from the unpredictable and increasingly problematic challenges of cyber attack, data theft and other IT security concerns.

Independent market research company Lightspeed GMI polled in August 1,610 qualified IT decision makers (ITDMs) including CIOs, CTOs, IT Directors and Heads of IT working at large organizations (500+ employees) from 15 countries around the world.

The objective of the survey we undertook this year was to explore the current perceptions of IT leaders about the challenge of IT security and the changing dynamics within large organizations driven by emerging technologies, increasingly complex and frequent threats, and the impact of security on IT innovation.

Click the button below to obtain the survey report for you to leverage. Highlights include: the increasing boardroom pressure for IT security; the greater difficulty in securing the enterprise and the compromise between security and innovation; spending plans to address Data Privacy & Big Data security; and ITDM’s attitude towards Managed Security Services.

 

 

How to protect your website from attackers?

press release featured image

Every business, whether large or small, needs to have a customer-facing website these days, and in the 12 months to May 2014, Australians spent $15.3 billion on online retail sales, reports Australian security services company Seccom Global.

While this level of online activity is great for commerce in Australia, it also brings with it a host of problems – potentially very damaging ones. Marketing companies and web developers know that a website needs security, but many do not understand the depth of online threats that exist, and the ever-evolving complexity of attacks.

Source: B&T

I Spy: German malware Finfisher infects devices without being detected

malware infects devices

A German malware known as Finfisher can infiltrate devices without being noticed, WikiLeaks revealed. The exposé hopes to encourage development of better detection systems to stop this kind of intrusion in its tracks.

Evasive malware Finfisher brought out into the open

Whether you like it or not, privacy will now be a fleeting concept in our increasingly-connected world. As technologies become more sophisticated, it is becoming easier to infiltrate computers and mobile devices to access personal files. From private persons to corporate entities, anyone can be hacked. Fortunately, there are means to fight off hackers and computer hackers, but first they have to be detected so that developers can provide the right solution. One such recent attention-grabbing issue is the Finfisher spyware suite  from Germany-based unit of Gamma International. The malicious software can intercept communications from computers and mobile devices from a remote location. It canswipe your keystrokes, peer at your Skype messages and even watch you through your webcam –all without you knowing it! This software can also take a glance at your email messages, chat conversations and turn on your microphone to listen and record your conversations.

Wikileaks exposed that the “weaponised malware” developer sold Finfisher to regimes with poor track records on human rights. The company denies this, saying that it only does business with reputable law enforcement agencies.  Thanks to a hacker that goes by the name of “Phineas Fisher,” the whistle-blowing website had been able to obtain documents identifying the list of countries that bought Finfisher. This list includes: Australia, Bahrain, Bangladesh, Belgium, Bosnia-Herzegovina, Estonia, Hungary, Italy, Mongolia, Nigeria, Netherlands, Pakistan, Singapore, Slovakia, Qatar, South Africa and Vietnam.

The software has been deemed as a tool that allows governments to spy on dissidents, journalists and human rights activists when it was discovered in Egypt back in 2011. Two human rights protesters were able to unearth documents showing that the government’s State Security Investigations service had purchased the software, to breach the email accounts of purported activists.

Finfisher is perfectly capable of bypassing the security systems of OS X, Windows and Linux computers, and is able to penetrate mobile devices using Android, iOS, Blackberry, Symbian and Windows Mobile systems. This basically allows it to infiltrate most of the world’s computers and mobile devices. Fortunately, Wikileaks also released copies of the spyware tool to enable researchers to track down its control nodes and develop better detection systems. This includes the FinFisher Relay, FinSpyProxy, the FinFisherFinSpyPC spyware for Windows and a copy of the code for FinSpy Master.

Among the uncovered patrons of Finfisher is the New South Wales Police Force. This was evidenced through the agency’s support requests and an alleged support ticket for an OS X operating system. The NSW Police purportedly had problems with FinSpy when it was trying to penetrate a Mac computer of a “surveillance target” that was offline. The agency, however, refused to comment when asked regarding the issue.

How Finfisher stealthily takes over your gadgets

The FinFisher Relay and FinSpy Proxy from Finfisher, are capable of surreptitiously gathering data from targeted people and easily deliver these to security agencies.  FinSpy, in particular can take over systems remotely. It can gather data from prospects even if they constantly change their location around the world and encrypt their communication channels.  Before using FinSpy, surveillance agencies will need to purchase licenses from Finfisher because the information they need goes through the servers of the company, before being sent to the agency groups.

Other offerings from Finfisher include the FinFly USB, FinIntrusion Kit and FinUSB suite. With the FinFly USB, security agents with no formal training in IT can obtain data by physically inserting the USB stick into the target’s computer. Then, the device installs the configured software into the system automatically. It can be used to run the same procedure on other several systems as well.

Meanwhile, the FinIntrusion Kit functions as a portable pack containing all the IT devices used for offensive and defensive covert operations.  Along with the malware, this comes with adapters and antennas needed for the undertaking. The FinUSB suite allows surveillance agencies to gather forensic information instantly from computer systems. It comes with ten USB sticks, which are already configured to search for specific data. The devices can also be used to decode and analyse information. Aside from the USB dongles, the package also offers a headquarter notebook.

Teamwork of various sectors can take down Finfisher

Thanks to the exposé of Wikileaks, the public now has knowledge on the capability of Finfisher. The copies of the Finfisher suite and the Finfisher Fin Spy for PC will allow researchers and developers to create the appropriate solution that would detect their invasion. Eventually, they can be eliminated from computer systems, and keep themsecure.

However, users of computers and mobile devices also need to keep an eye out for any unusual activity coming from their gadgets, just as what Bahraini activist Mohammad “Moosa” Abd-Ali Ali had done. The phantom Facebook messages sent from his device alerted him to the presence of Finfisher on his computer. Following this, civil liberties group Privacy International filed a complaint against UK-based Gamma International, on the behalf of Moosa and two others. The High Court also expressed discouragement over the sale of the spyware; and commended pressure groups for taking action against it.

To fight off Finfisher, the public, private and civil society sectors need to team up and address its invasion of computer systems. Like a domino effect, the actions of Phineas Fisher and Wikileaks have set off a wave of opportunities for different sectors to eliminate Finfisher.This multi-faceted approach can ensure that people can be protected from this malicious spyware.

Why a Managed IP Telephony Services is the efficient, secure solution for your business

managed IP telephony services

IP Telephony services enable businesses to streamline and reduce communication costs as compared to the traditional landline telephone system. With a managed IP Telephony service, enterprises can ensure reliable systems, without compromising security.

Better communication without the cost

The Internet age has put almost everything within arm’s reach with only the help of a computer, or a mobile device with a reliable connection to the web. This development even includes telephone calls. What was once the realm of the traditional, public switched telephone network (PSTN) can now be done through Internet telephony or an IP telephone system. This system refers to the technology that supports various real-time communication applications over IP, which include instant messaging and videoconferencing. It also covers the two-way transmission of voice over the Internet, or VoIP.

Developments on IP telephony in the 1990s made it a viable alternative for the traditional landline telephone system, particularly because of its much lower digital requirement when transmitting calls without sacrificing voice quality. It also reduces the cost of international calls as compared to making them via regular telephones, without raising any additional fees for Internet access.

Since the IP telephony system proves to be cost-effective, businesses are getting on board with it, and IP telephony services have emerged as one of the top choices for collaboration technology for several information technology executives. VoIP technology is also being seen as convenient for businesses because some service providers include phones and adapters as part of the contract, and applications could be configured for laptops and mobile devices. Meanwhile, cloud-based IP telephony services enable businesses to enjoy mobility in managing their businesses from different parts of the globe with only the requirement of a reliable Internet connection.

With these advantages, an IP telephony system can easily be considereda worthy investment for companies. It allows enterprises to streamline communications, and in turn, improve their operations. It may even allow them to explore unchartered waters, expand their business and achieve growth in the long run.

Efficient service without compromising security

The use of IP telephony service for enterprises may entail consolidating the IP and telephone services network of a certain company. When IP telephony was in infancy, the IP and the telephone services were on separate networks, with service providers having a background on installing traditional, analogue telephone services. Nowadays, the combination of the IP and telephone services on a single network could compromise an organisation’s information security.

Unlike other providers, Seccom Global incorporates security in its offering of IP telephony service system for companies. It has years of experience providing connectivity and Internet security for several organisations in Australia. This has made Seccom Global a leader when it comes to the field of information and cyber security. Nevertheless, its security services will not in any way impede the quality of IP telephony service provided to various types of enterprises.

A well-maintained system that addresses changing needs              

For an efficient and a reliable IP telephony system, regular maintenance and upgrades must be performed. This can only be carried out by professionals who keep abreast with developments to the technology, and not those who are still left in the dark.  A managed IP telephony service typically means that the design and installation of an enterprise IP telephony system is done by professionals who have adequate skills to ensure that the technology achieves maximum performance. These people are part of the service offered by the provider, and not sourced in-house. They are capable of managing the IP telephony system remote and on-site, round-the-clock to address arising issues promptly and meet the company’s expectations.

The managed IP telephony service offered by Seccom Global ensures that the company’s devices undergo regular updates, to maintain efficiency and protect them from cyber attacks. Furthermore, we can also extend help to organisations planning to build an IPtelephony solution that would be implemented on different platforms to address their needs in the present and in the future.

By having a managed IP telephony service in place, companies can have a system that undergoes regular upkeepwithout having to invest on an in-house team to implement this task. Enterprises would be able to take off their concerns over their technological infrastructure, and focus more on their customers and on growing their business.