Story image

The threatening cyber landscape of the Melbourne Cup

31 Oct 16

The Melbourne Cup officially kicks off tomorrow, and Jeffrey Kok, senior director of Pre-Sales Asia Pacific and Japan at CyberArk has a few tips for Australians betting their money on the ‘race that stops the nation’.

"As betting online becomes bigger and bigger business, virtual platforms are a cornerstone of the gambling industry, with tens of millions of dollars invested in the infrastructure and expertise needed to entice punters to their sites and cater to the thousands upon thousands of transactions that take place on a daily basis – with matters coming to a peak as race day approaches,” he explains.

"As with any business that depends on internet-related business for its livelihood, the gambling houses have also heavily invested in security to keep their sites up and running.”

Kok adds that the types of protection that are in place aren’t always enough to stop ransomware.

"Ransomware is software that, simply put, encrypts files and data on the victim’s infrastructure blocking any usage of such files and data until a sum of money is paid,” he says.

“It has been used to target individuals but is increasingly a problem for enterprises as hackers seek to maximise revenues.”

In order need to combat these threats, here are Kok’s five pieces of advice:

  1. Most anti-malware and anti-ransomware solutions today focus on detecting and blocking malware at the point of inception. These solutions can be helpful when you know what you’re looking for – but when it comes to ransomware, there are new variants coming out every day.
  2. Standard ransomware just infects user machines; this is the same ransomware that would infect a regular consumer at home. These attacks will be opportunistic and less damaging to organisations.
  3. Advanced ransomware is far more dangerous. These ransomware attacks follow the same general attack pattern as targeted network attacks, but for a very different end goal. Instead of information theft, ransomware attackers seek to cause widespread havoc through mass infection and encryption of user data.
  4. Removing local privileges (the ability to access more sensitive parts of the network) from regular PCs can help defend against ransomware attacks.
  5. An effective approach is to protect the sensitive files in your organization from the damage that often results from ransomware attacks. Employing greylisting - an approach that allows unknown applications (e.g. the latest ransomware variant) to execute harmlessly - blocks ransomware from being able to access or encrypt your critical files.

"To effectively defend against such ransomware attacks, organisations must combine the principle of removing local privileges and. application control to reduce the attack surface and block their progression."

Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.