Monday, January 4, 2016

2016 is here and the cybersecurity show goes on

We start the year and don't doubt 2016 will be very interesting from the cybersecurity point, with the common difficulties, new challenges and a few surprises, like the fact of some companies of digital services are sending notifications to their clients warning them they could being victims of the attack of a government, the different reactions provoked by the famous Cybersecurity Act of 2015, the IBM publication to repair a vulnerability in its WebSphere Portal or the work of the BlackEnergy Trojan to attack Ukrainian objectives... 

The cybernetic attacks known as "state sponsored" have the objective of exposing part of the user´s information for national security or intelligence purposes and they're increasing, many times with the collaboration of big of Internet services companies, but the trend has inverted with companies like Facebook, Yahoo, Microsoft or the omnipresent Google, that not only warn to their user, but they even have implemented new encryption systems that leave the public key in user's hands, instead of the company hands.

A new vulnerability in  IBM WebSphere Portal

WebSphere Portal is a composed app that offers to companies the needed tools to create solutions based in SOA (Service Oriented Architectures) and the company has proved the strategic importance of this services with the quick publication of a new patch to correct a vulnerability which allows to remote attackers to obtain sensible information of the affected systems.

The Ukranian cyberwar continues

In evidence of this, the ESET company has given technical details about the wave of attacks suffered by the Ukrainian media and the Ukrainian power plants by the BlackEnergy Trojan, with an improved version capable of damaging more than 4.000 files and making the affected machines unable to reboot

Is it effective the Cybersecurity Act of 2015?

This document will mark the security guideline in USA the next year and the truth is it was born surrounded of controversy, with some detractors who complain about the privacy problems and others, like Bret Helm, CEO of DB Networks, who criticizes the  proposed methodology and recommends to base the security systems in 2016 in the systems hygiene, the identification of compromised credentials and the autonomous cybersecurity.

These four keys are only an example of what worried us in the end of last year and the changes, challenges and threats we will face in the next moths. We warn you in advance!


Post a Comment