How to work safely outside the office

The problems created by quarantine against the Corona Virus (Covid-19) causes serious difficulties for businesses. Most people have to work safely from their homes. Of course, this means that not only is there a need for communication between colleagues, but also the data that is exchanged should be safe and should not compromise company confidentiality and provide personal data protection (GDPR).

"SEMA GROUP" Ltd. (semagroup.net) together with Armor Comms-United Kingdom (armourcomms.com) offers a secure system for communication and data exchange. Understanding the emergency situation and not risking people's lives and health, we offer a 3 month subscription instead of the 12 months required so far. This will allow both your people and your company's data to be safe.

Armor Comms has developed market-leading voice, video, messaging and data encryption technology and solutions for standard smartphones, tablets and computers. The product of your choice is received and paid online without leaving your home. Get easy-to-use, cost-effective technology that combines state-of-the-art cloud-based security and on-premises security solutions. Armor Comms products are FIPS, CPA and NATO certified.

Alternatively, you can use the newest iStorage cloud solution, CloudAshur.

For more information do not hesitate to contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.

How to work safely outside the office

The problems created by quarantine against the Corona Virus (Covid-19) causes serious difficulties for businesses. Most people have to work safely from their homes. Of course, this means that not only is there a need for communication between colleagues, but also the data that is exchanged should be safe and should not compromise company confidentiality and provide personal data protection (GDPR).

"SEMA GROUP" Ltd. (semagroup.net) together with Armor Comms-United Kingdom (armourcomms.com) offers a secure system for communication and data exchange. Understanding the emergency situation and not risking people's lives and health, we offer a 3 month subscription instead of the 12 months required so far. This will allow both your people and your company's data to be safe.

Armor Comms has developed market-leading voice, video, messaging and data encryption technology and solutions for standard smartphones, tablets and computers. The product of your choice is received and paid online without leaving your home. Get easy-to-use, cost-effective technology that combines state-of-the-art cloud-based security and on-premises security solutions. Armor Comms products are FIPS, CPA and NATO certified.

Alternatively, you can use the newest iStorage cloud solution, CloudAshur.

For more information do not hesitate to contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.

How Darktrace identifies ransomware before it spreads


Source: https://www.darktrace.com/technology/#ransomware

Detecting & Fighting Ransomware in Real Time Technical Brief

Download our Healthcare Industry Spotlight

Ransomware Case Study: Catholic Charities of Santa Clara

In 2016 cyber-criminals launched 638 million ransomware attacks. That’s a 167-fold increase from the 4 million attack attempts in 2015, with most of the attacks delivered as phishing campaigns capable of by-passing existing defense mechanisms. With the rise of ransomware-as-a-service lowering the barrier to entry, it is now easier than ever for attackers to access and deploy ransomware.

Once inside the enterprise, the malware encrypts data and looks to spread to other devices or shared drives. The speed with which the attack can spread and devastating effects it can have make ransomware an attractive proposition for cyber attackers.

Darktrace’s Enterprise Immune System has been proven to detect and defend against emerging ransomware attacks across every industry. The Enterprise Immune System, using machine learning and AI algorithms, is able to identify a wide range of anomalies pertaining to ransomware, taking into account weak indicators to form a compelling picture of the overall threat level.

For example, Darktrace successfully identified WannaCry malware activity due to the highly anomalous way in which the devices were behaving as they attempted to access and encrypt files, and laterally scan for other exposed devices.

On detecting the ransomware, Darktrace responds in real time by forcibly dropping suspect connections within the internal network and stopping its spread. This entirely autonomous response, generated by Darktrace Antigena, gave security teams the vital time to catch up before the data was lost or encrypted.

Darktrace has discovered 16,000 ‘serious’ early-stage threats across 1,200 deployments of its Enterprise Immune System technology worldwide, according to a report by the company.
 
“With 8.6 billion things connected by 2020, Asia-Pacific is shaping up to be the leading region for the ‘Internet of Things’ (IoT),” says Sanjay Aurora, Darktrace Managing Director, Asia-Pacific.
 
“However, the distinction between offline and online is blurring as attackers can now gain access through previously unrelated vectors, such as infecting videoconferencing equipment and biometric sensors with malware.”
 
“Clearly, greater visibility needs to be extended beyond traditional enterprise systems, and machine learning technology can help cope with tracking anomalies across the vast IoT environment before any serious damage is done.”
 
IoT increases attack surface

The emerging IoT movement is transforming business, and opening new windows of opportunity for attackers. Non-traditional IT, from connected coffee machines to videoconferencing units, are now being exploited by attackers to jump into corporate networks, unobserved. Darktrace discovered that a video conferencing system at a multinational retailer has been compromised, allowing intruders to listen in to the audio content.

Digital attacks impact physical security

Connected devices are also putting physical safety and security at risk, whether as part of industrial networks or the IT network. In one example, an attacker was caught compromising a fingerprint scanner, which restricted physical access to the machinery at an important manufacturing plant, and replacing legitimate fingerprint data.

‘Automated attacks’ are too fast for humans

The speed of attacks is increasing. Automated attacks can move at the speed of computer processes, with ransomware crippling entire groups of computers in minutes. Darktrace’s self-learning approach allowed the detection of an automated ransomware attack within one minute of infiltration. The victim organization was able to stop the spread of the malicious code in real time, avoiding a significant ransom demand.

 
Darktrace hopes to be a leader in the move to automated cyber security to free up security professionals to focus on business risk and innovation

 

Cyber security will be mainly automated based on artificial intelligence (AI) in future, predicts UK information security startup Darktrace.
The company aims to a leader in the move into this new era of information security, and is already working on the next phase of its self-learning security system to enable automatic defence.
Darktrace is recognised as one of the UK’s most successful security startups, with founders including senior members of the UK government’s cyber community from MI5 and GCHQ.
The company also has close links to the maths department at Cambridge University, with Darktrace’s threat-detection and machine-learning capabilities based entirely on mathematical models.
This mathematical base is core to Darktrace’s ability to detect threats without any prior knowledge of what it is looking for and without any need for rules or attack signatures. The company believes that this is what distinguishes Darktrace from traditional security systems and other behavioural analytics systems that rely on mathematical extrapolations of past attacks or analysis of big data collected from various logging systems.
Darktrace’s Enterprise Immune System is modelled on the human immune system and is designed to address the challenge of insider threat and advanced cyber attacks through detecting previously unidentified threats in real time, as manifested in the emerging behaviour of a specific organisation’s network, people and devices, including mobile devices and internet of things (IoT) devices.
“We believe we are the only ones at the moment who focus only on learning from the behaviours of people and systems within the business rather than on algorithms that look for known types of attacks,” said Darktrace co-founder and director of technology Dave Palmer.
“We believe in a continuous security approach because there will always be risks, and organisations need to have the capability to deal with them and bring that risk down to a manageable level all the time – rather than having a roller-coaster situation,” he told Computer Weekly.
Darktrace uses a human immune system analogy, said Palmer, because security needs to be working all the time to ensure the right managers and the board are aware of the risks. This is so they can manage it down to an acceptable level by learning and understanding more about how the business works than an attacker ever could.  
“The system is based on the conviction that if you want to do this right, you have got to focus on what your people and devices really do and then be able to look for what is unusual, different or strange, which makes the system unique to the organisation in which it is deployed,” he said.
 
Firms unaware of cyber risk
 
According to Palmer,  who oversees the mathematics and engineering teams at Darktrace, organisations are typically not aware of all the latent cyber risk in their business operations, which is illustrated by the fact that in 100% of organisations where Darktrace has been implemented, the system has identified previously unknown risks.
“Most organisations do not recognise the true breadth of the digital business, but this can be accurately established and visualised using machine learning and mathematical analysis to find everything that makes up the digital business and what it is communicating with,” he said.
At one company, for example, Darktrace detected that a fingerprint sensor used for access to the building was connecting to the internet in an unexpected way.
An investigation revealed that attackers had established a link to the sensor that was connected to the internet in a way that it should not have been. The attackers were exploiting a published security vulnerability in the fingerprint sensor to upload data that would have given the attackers physical access to building if the exploit had remained undetected. The attacker had also installed malware on the system that they planned to use to establish a foothold in the organisation’s IT network.
“Rather than focussing on any particular kind of attack or behaviour, the Darktrace system monitors everything that is going on in a digital enterprise and looks for the unexpected, such as the fingerprint sensor’s communication over the internet and a firmware update,” said Palmer.
To keep the false positives to an absolute minimum, Darktrace uses a combination of 12 different machine-learning algorithms that are monitored by a supervisory mathematical model that uses probability theory and to assess how well these algorithms are working and Bayesian modelling to learn and adapt the system’s output.
 
Self-learning system
 
According to Palmer, the system uses up to one year of data to look at everything happening in the context of what has happened before.
“This is proving to be enormously powerful in advancing machine learning in ways that were not possible before now,” he said.
And because the system is self-learning, Palmer said the system is not constrained by pre-conceived human thinking.
Page 1 of 2