Kasper­sky Lab presents META cy­ber­se­cu­rity trends

‘Oper­a­tion Par­lia­ment’, Polys un­veiled • Health­care fac­ing cy­ber threats

Kuwait Times - - Technology - By Is­lam Al-Sharaa

IS­TAN­BUL: On April 11-14, Kasper­sky Lab held its an­nual Cy­ber Se­cu­rity Week­end for the Mid­dle East, Tur­key and Africa (META) in Is­tan­bul to ex­plore the evo­lu­tion of the threat land­scape both – glob­ally and in the re­gion, and find out which ap­proaches busi­nesses need to take in or­der to sur­vive. Kasper­sky Lab’s Global Re­search & Anal­y­sis Team (GReAT) ex­perts and in­vited ex­perts dis­cussed var­i­ous top­ics dur­ing the event, in­clud­ing IoT se­cu­rity, blockchain tech­nol­ogy and the rise of tar­geted at­tacks as well as threats aimed at med­i­cal in­fras­truc­ture.

Dur­ing the event, statis­tics from the Kasper­sky Se­cu­rity Net­work for the first quar­ter of 2018 were re­vealed and showed an over­all in­crease in lo­cal threats in­fec­tions (mal­ware spread in lo­cal net­works, by USBs, CDs, DVDs) with Kenya tak­ing the first place with 61.8 per­cent of its users in­fected, fol­lowed by 58.6 per­cent in Nige­ria, 50.8 per­cent in Oman, and 55.6 per­cent in both Egypt and Le­banon. Tur­key re­ported the low­est num­ber of lo­cal threat in­fec­tions with 46.2 per­cent.

The statis­tics for the same pe­riod of time also showed a no­tice­able over­all in­crease in web threats with 30.2 per­cent of users af­fects by mal­ware in Saudi Ara­bia, 28.8 per­cent in both Egypt and Oman fol­lowed by 27.4 per­cent in the UAE. On the other hand, South Africa had the low­est num­ber of af­fected users in the META re­gion (48.8 per­cent for lo­cal and 19.6 per­cent for web threats).

“We have seen an 8.5 per­cent in­crease in ran­somware at­tacks in the META re­gion in Q1 of 2018 com­pared to Q1 of last year, this num­ber is not sur­pris­ing, judg­ing by the in­fa­mous suc­cess of ma­jor ran­somware at­tacks last year. We do ex­pect such at­tacks to grow and evolve in com­plex­ity and so­phis­ti­ca­tion. This high­lights the im­por­tance of proper se­cu­rity so­lu­tions backed with con­tin­u­ous se­cu­rity train­ing to raise aware­ness on the dan­gers of such at­tacks,” said Mo­hamad Amin Has­bini, Se­nior Se­cu­rity Re­searcher, Global Re­search & Anal­y­sis Team, Kasper­sky Lab.

A panel of ex­perts from Kasper­sky Lab and spe­cially in­vited guests from Tur­key and UAE spoke about how the blockchain af­fects the way peo­ple live and work nowa­days. Nas­sar Al-Achkar, CEO of Hyper­Chain said: “I’m hon­ored to take part in this event and talk about blockchain. It’s im­por­tant to con­stantly ed­u­cate peo­ple on the uses of this tech­nol­ogy as I be­lieve it is yet an­other step to­wards a brighter more ef­fi­cient fu­ture. I also salute Kasper­sky Lab for their ef­forts in study­ing this tech­nol­ogy and as­sess­ing its cy­ber risks.”

The dis­cus­sion also briefly touched on Kasper­sky Lab’s an­nounce­ment about the Polys vot­ing sys­tem which is based around blockchain tech­nol­ogy. With or­ga­ni­za­tions fac­ing a wide range of cy­berthreats that come from the out­side as well as from the in­side, they should have a holis­tic ap­proach to cy­ber­se­cu­rity that unites an ef­fec­tive IT se­cu­rity so­lu­tion, em­ployee ed­u­ca­tion and se­cu­rity poli­cies un­der­stood and fol­lowed by em­ploy­ees. Kasper­sky Lab’s re­cently launched Threat Man­age­ment and De­fense so­lu­tion gives busi­nesses the op­por­tu­nity to adopt a strate­gic ap­proach to de­tect­ing com­plex at­tacks across the cor­po­rate IT in­fras­truc­ture and suc­cess­fully gain con­trol and vis­i­bil­ity of their se­cu­rity en­vi­ron­ment by mit­i­gat­ing risk in to­day’s dig­i­tal world.

Cy­beres­pi­onage cam­paign

Dur­ing Kasper­sky Lab’s Cy­ber Se­cu­rity Week­end, a new cy­beres­pi­onage cam­paign was an­nounced: “Oper­a­tion Par­lia­ment” is tar­get­ing high pro­file or­ga­ni­za­tions from around the world with a fo­cus on the Mid­dle East and North Africa. The at­tacks have been ac­tive since 2017 and have tar­geted top leg­isla­tive, ex­ec­u­tive and ju­di­cial pow­ers, in­clud­ing but not lim­ited to gov­ern­men­tal and large pri­vate en­ti­ties from the re­gion, in­clud­ing the UAE, Saudi Ara­bia, Jor­dan, Pales­tine, Egypt, Kuwait, Qatar, Iraq, Le­banon, Oman, Dji­bouti and Somalia – all to­gether com­pany ex­perts de­tected vic­tims in 27 coun­tries.

Kasper­sky Lab ex­perts be­lieve that “Oper­a­tion Par­lia­ment” rep­re­sents a new geopo­lit­i­cally mo­ti­vated threat ac­tor that is highly ac­tive and skilled. At­tack­ers are also be­lieved to have ac­cess to an elab­o­rate data­base of con­tacts for sen­si­tive or­ga­ni­za­tions and per­son­nel world­wide, es­pe­cially of non-trained staff. Vic­tims of the at­tacks in­clude gov­ern­ment en­ti­ties, po­lit­i­cal fig­ures, mil­i­tary and in­tel­li­gence agen­cies, me­dia out­lets, re­search cen­ters, Olympic foun­da­tions and large pri­vate com­pa­nies.

Based on the find­ings, the at­tack­ers in­fil­trated their vic­tims us­ing mal­ware that pro­vides them with a re­mote cmd/pow­er­shell ter­mi­nal that en­ables them to ex­e­cute any scripts/com­mands and re­ceive the re­sult through http re­quests. The at­tacks have taken great care to stay under the radar and have used tech­niques to ver­ify vic­tims de­vices be­fore in­fil­trat­ing them. Kasper­sky Lab prod­ucts suc­cess­fully de­tect and block at­tacks con­ducted us­ing these tech­niques.

“Oper­a­tion Par­lia­ment is an­other symp­tom of the con­tin­u­ously de­vel­op­ing ten­sions in the Mid­dle East and North Africa. We are wit­ness­ing higher so­phis­ti­ca­tion and smarter tech­niques used by at­tack­ers and it doesn’t look like they will stop or slow down any­time soon” Said Mo­hamad Amin Has­bini, Se­nior Se­cu­rity Re­searcher, Global Re­search & Anal­y­sis Team at Kasper­sky Lab. “The type of peo­ple and or­ga­ni­za­tions tar­geted in this at­tack cam­paign should el­e­vate their lev­els of cy­ber ma­tu­rity in or­der to mit­i­gate such at­tacks in the fu­ture” he added.

In or­der to pre­vent fall­ing vic­tim to such an at­tack, Kasper­sky Lab re­searchers ad­vises or­ga­ni­za­tions to ex­ert spe­cial at­ten­tion and ex­tra mea­sures, in­clud­ing: Train staff to be able to dis­tin­guish spearphish­ing emails or a phish­ing link from le­git­i­mate emails and links.

Use not only proven cor­po­rate-grade end­point se­cu­rity so­lu­tion but also acom­bi­na­tion of spe­cial­ized pro­tec­tion against ad­vanced threats, such as Threat Man­age­ment and De­fense So­lu­tion, which is ca­pa­ble of catch­ing at­tacks by an­a­lyz­ing net­work anom­alies.

Fol­low strict rules to avoid data leaks and de­ploy tech­niques to pre­vent in­sider threats.

Blockchain vot­ing

On­line vot­ing ap­peals to many as­pects of mod­ern so­ci­ety – such as ge­o­graph­i­cally spread com­mu­ni­ties, or pro­gres­sive uni­ver­si­ties want­ing to hear their stu­dents’ voices. It also ap­peals to global NGOs, and mu­nic­i­pal­i­ties look­ing for cit­i­zen in­volve­ment in neigh­bor­hood and city­wide de­ci­sion mak­ing. How­ever, the risks of mak­ing crit­i­cal choices on­line are also high, with large-scale on­line vot­ing open­ing up vast op­por­tu­ni­ties for cy­ber­crim­i­nals to fix the re­sults.

An in­no­va­tion from the Kasper­sky Lab Busi­ness In­cu­ba­tor was an­nounced dur­ing Kasper­sky Lab’s Cy­ber Se­cu­rity Week­end. It of­fers a pos­si­ble so­lu­tion: A cus­tom­iz­a­ble on­line vot­ing plat­form for non-com­mer­cial or­ga­ni­za­tions, busi­nesses and com­mu­ni­ties, which uses blockchain tech­nol­ogy and is se­cured with trans­par­ent crypto al­go­rithms.

In the mod­ern ef­fi­ciency-driven, mo­bile world, var­i­ous lim­i­ta­tions of off­line vot­ing have be­come ap­par­ent: it’s ex­pen­sive, time-con­sum­ing and of­ten in­ac­ces­si­ble - or at least chal­leng­ing - for peo­ple who aren’t phys­i­cally present to cast a vote. On­line vot­ing can help over­come these chal­lenges but this brings sev­eral un­cer­tain­ties of its own: how can we se­cure the process? How can we make sure that our votes aren’t changed or al­tered by an ex­ter­nal or in­ter­nal party?

As part of a re­search project fo­cused on ex­plor­ing the po­ten­tial im­ple­men­ta­tions of in­no­va­tive tech­nolo­gies such as blockchain, Kasper­sky Lab Busi­ness In­cu­ba­tor has fos­tered a tal­ented team of de­vel­op­ers who have worked on an ex­per­i­men­tal project called Polys. This has re­sulted in a new com­mer­cial so­lu­tion, which aims to pro­vide any­one with the abil­ity to con­duct se­cure, anony­mous and scal­able on­line vot­ing - with re­sults that can­not be al­tered by par­tic­i­pants or or­ga­niz­ers.

Var­tan Mi­nasyan, Head of In­vest­ment and In­no­va­tion at Kasper­sky Lab, com­ments: “In our Kasper­sky Lab Busi­ness In­cu­ba­tor we’re sup­port­ing both in­ter­nal and ex­ter­nal teams in de­vel­op­ing bright ideas and tech­nolo­gies, which can be im­ple­mented in var­i­ous ar­eas where safety and se­cu­rity are im­por­tant. One such area is on­line vot­ing and, when ex­plor­ing the pos­si­ble im­ple­men­ta­tions of blockchain in par­tic­u­lar, our team re­al­ized that this tech­nol­ogy com­bined with the com­pany’s cy­ber­se­cu­rity ex­per­tise could solve key prob­lems re­lated to the pri­vacy, trans­parency and se­cu­rity of on­line vot­ing. We’re ex­cited that we have been able to cre­ate a suit­able en­vi­ron­ment for this in­ter­nal in­no­va­tion.”

Polys is based on smart con­tracts in Ethereum (some­times re­ferred to as Blockchain 2.0) which al­lows bal­lot ver­i­fi­ca­tion and vote tal­lies to be per­formed in a de­cen­tral­ized man­ner. The main ben­e­fit is that, due to blockchain’s de­cen­tral­ized na­ture, the ac­cu­racy of vot­ing ex­e­cu­tion can be ver­i­fied by the net­work’s par­tic­i­pants. The whole vot­ing data is stored not on servers, but in in­for­ma­tion blocks on the com­put­ers of all net­work par­tic­i­pants: To erase it, a hacker would have to breach all of the com­put­ers and gain ac­cess to the in­di­vid­ual sets of data.

Blockchain also al­lows a voter to eas­ily check if their vote has ac­tu­ally been reg­is­tered cor­rectly and any tam­per­ing of votes will au­to­mat­i­cally be­come ev­i­dent. Blockchain trans­parency makes it eas­ier to mon­i­tor votes and com­plete vot­ing au­dits by in­de­pen­dent par­ties. It also doesn’t re­quire ex­tra re­sources or the need for the phys­i­cal pres­ence of per­son­nel.

In ad­di­tion, within the Polys vot­ing sys­tem, blockchain is en­crypted and backed up with math­e­mat­i­cal al­go­rithms. These help to en­sure anonymity, hide in­ter­me­di­ate re­sults and per­form cal­cu­la­tions on the en­crypted data, which is some­thing that can’t be done in other blockchain sys­tems due to its dis­trib­uted and open na­ture. By im­ple­ment­ing these al­go­rithms in the smart con­tract en­vi­ron­ment, us­ing the ad­van­tages of blockchain while elim­i­nat­ing its lim­i­ta­tions, Polys stands out as a dis­tinc­tively in­no­va­tive project.

The source code of Polys will be pub­licly avail­able – al­low­ing any­one to test, ver­ify and ex­plore the tech­nol­ogy be­hind it. Any blockchain en­thu­si­ast, pen­e­tra­tion tester or e-vot­ing sup­porter will soon be able to find it on GitHub. Jutta Steiner, Co-founder of Par­ity Tech­nolo­gies, com­ments: “Par­ity Tech­nolo­gies is ex­cited to be in­volved with Polys as their plat­form of choice for such an in­no­va­tive project. Blockchain is in­creas­ingly be­ing im­ple­mented by a vast num­ber of in­dus­tries and we be­lieve that de­cen­tral­is­ing the vot­ing pro­ce­dure will en­sure a fair process and cre­ate a high level of trust in the sys­tem.”

Polys is de­signed to sup­port vot­ing at all lev­els and for any num­ber of par­tic­i­pants. Upon a spe­cial project re­quest, the plat­form can be made fully scal­able with ca­pac­ity for thou­sands of vot­ers in in­ter­na­tional cor­po­ra­tions, po­lit­i­cal par­ties, uni­ver­si­ties, global com­mu­ni­ties, NGOs, etc. This im­ple­men­ta­tion can be tai­lored to spe­cific re­quire­ments in terms of autho­riza­tion, the in­ter­face de­sign, and in­te­gra­tion with other ser­vices. It is avail­able in se­lect re­gions only; in­ter­ested par­ties can learn more about avail­abil­ity and pric­ing by fill­ing out a con­tact form on the web­site.

In ad­di­tion to the cus­tom­ized plat­form, there’s also a ready-to-use freemium ser­vice that is avail­able for ev­ery­one. To ar­range a vote, one sim­ply has to go the web­site, cre­ate a poll in the Or­ga­nizer Panel and fill in the vot­ing in­for­ma­tion (such as the names of can­di­dates or other par­tic­i­pants, along with any ex­tra de­tails). The rest of the work, such as send­ing emails to vot­ers and count­ing votes, is car­ried out by Polys.

Amir Kanaan, Man­ag­ing Di­rec­tor, META, dur­ing the press con­fer­ence.

Amin Has­bini speaks with Kuwait Times.

Amin Has­bini (right) and Sergey Novikov dur­ing the press con­fer­ence.

Newspapers in English

Newspapers from Kuwait

© PressReader. All rights reserved.