iTWire - iTWire - Security iTWire - Technology news, trends, reviews, jobs Sun, 02 Aug 2015 08:01:26 +1000 Joomla! - Open Source Content Management en-gb Norton and W10 Norton and W10

Norton 360s latest version is W10 compatible but some users are getting advice that it won’t work correctly after the upgrade.

This simply means the user is not running the latest version and provided their subscription is current it can be downloaded from Norton’s upgrade centre.

Norton also advise that its Norton Family parental control software, usually installed as part of its Norton 360 suite, may impact the performance of Windows 10.

{loadposition ray}

Norton Family cannot currently monitor activity on W10’s new Edge browser. It expects to support Edge later in 2015 when Microsoft begins allowing browser extensions. Until then, children should use another browser, Google Chrome or Mozilla Firefox for Norton Family to monitor online activity. If the child uses Edge parents will receive an email accordingly.

Norton Family has become a popular tool to allow parents to monitor their childrens computer activities and covers web browsing, social media, search supervision, personal information protection and gives parents the ability to set times the computer can be used. It provides email alerts or provides real time alerts via ioS and Android apps.

]]> (Ray Shaw) Security Thu, 30 Jul 2015 09:10:56 +1000
New cybersecurity centre releases first report New cybersecurity centre releases first report

The new Australian Cyber Security Centre (ACSC) has released its first cyber security threat report. The Government wants us to be alert but not alarmed online as well.

The Australian Cyber Security Centre (ACSC) was initiated by Julia Gillard in January 2013 and opened by Tony Abbott last year.

It has now released its first unclassified report, which it says describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014.

Based in Canberra, the ACSC brings together participants from government and industry – the Defence Department’s Cyber Security Operations Centre, the Attorney-General's Computer Emergency Response Team (CERT) Australia, ASIO's Cyber Espionage Branch, elements of the AFP's High-Tech Crime Operations capability and all-source assessment analysts from the Australian Crime Commission. Macquarie Telecom, which provides secure Internet gateway services to 40% of Federal Government agencies, is also a member.

“The number, type and sophistication of cyber security threats to Australia and Australians are increasing,” says the report. “Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries.

“The ACSC’s ability to detect and defend against sophisticated cyber threats continues to improve. But cyber adversaries are constantly improving their tradecraft in their attempts to defeat our network defences and exploit the new technologies we embrace.

{loadposition graeme}

“There are gaps in our understanding of the extent and nature of malicious activity, particularly against the business sector. The ACSC is reaching out to industry to build partnerships to improve our collective understanding.”

The report is available here (PDF). It identifies three major types of cyber adversary:

Foreign state-sponsored adversaries

Foreign state-sponsored adversaries, including nation-states, seek economic, foreign policy, defence and security information for strategic advantage. Such adversaries have traditionally possessed the most advanced and sophisticated tools to conduct their activities, sometimes maintaining access to an organisation’s network for years at a time to steal the information they require. These adversaries are most frequently identified as Advanced Persistent Threats (APT).

Serious and organised criminals

Financially motivated criminals that exploit and access systems for financial gain are a substantial threat to Australia. Transnational serious and organised cybercrime syndicates are of most concern, specifically those which develop, share, sell and use sophisticated tools and techniques to access networks and systems impacting Australia’s interests.

Issue motivated groups and individuals with personal grievances

Hacktivists and individuals causing nuisance, attempting to draw attention to themselves and their causes, while usually less capable and sophisticated, are still able to cause disruption to Australian government and businesses.

ACSC co-ordinator Clive Lines said that the report “clearly demonstrates that the cyber threat to Australian organisations is undeniable, unrelenting and continues to grow.

“The report provides an overarching view of cyber adversaries, what they want, and how they go about getting it from an ACSC perspective. It will be a useful resource for organisations to start an informed conversation about protecting their vital information. If every Australian organisation read this report and acted to improve their security posture, we would see a far more informed and secure Australian Internet presence,” he said.

All ACSC partner agencies provided information for Australian organisations about the threats their networks face from cyber espionage, cyber attacks and cybercrime. The report also contains mitigation and remediation information to assist organisations to prevent and respond to the threat.

The publication of the report was a milestone moment in lifting the national defences against digital attack, said Macquarie Telecom’s Aidan Tudehope.

“We have entered an age where management and boards of business must assume they are under cyber attack, not wait until they are bleeding,” Tudehope said. “Cyber security is a growing issue, a national priority and everybody’s business.

“The Government’s decision to publish the threat is an important leadership step as it is only through being honest and transparent about threats and even the failures that we can lift the defences of everyone, business and government alike,” Tudehope said.

“Macquarie Telecom is part of the recently formed ACSC, the Australian Government’s cyber defence frontline. Yet too many businesses regard the issue as someone else’s problem, simply because they do not understand the sheer scale of the problem,” Mr Tudehope said. 

]]> (Graeme Philipson) Security Thu, 30 Jul 2015 06:22:28 +1000
Securus restructures in face of more complex, 'sophisticated' security threats Securus restructures in face of more complex, 'sophisticated'  security threats

Australian security consultancy Securus Global is restructuring its business to meet what it says is increasing market demand for its security services as security threats become increasingly complex.

The restructure which started one year ago follows Securus’ acquisition in 2014 by ASX-listed PS&C and includes hiring of new staff and implementation of a structured research program designed to align the company’s business in the face of the increased complexity of security threats.

While diversifying and strengthening and diversifying its business, Securus says it has also ramped up its penetration testing and vulnerability assessment offerings as customer demands increase.  

The hiring of new staff includes two account managers, five penetration testers and a senior PCI auditor.

{loadposition peter}Securus CEO Chris Williams said that PCI auditing, which is increasing in demand, is a core offering of the business as credit card companies strengthen the audit criteria for organisations dealing with credit card data.   

“The latest audit requirements for PCI DSS version 3.1 have become more prescriptive, driving the need for corporates to engage the services of companies not only with strengths in PCI but who also take a more consultative role and guide companies through the process.”

According to Williams, corporate boards are now holding the CEO and other senior executives accountable for security breaches.

“Boards are reconsidering the risk and impact of security breaches on their business, not only in terms of reputational damage among customers and peers, but also in terms of the potential impact on an organisation’s share price.”

As part of the restructuring, Securus’ has implemented a structured research program, as well as a fully funded training program for its security staff.

“We intend to significantly increase our staffing further over the next year so we are putting in place a training program to ensure our security professionals can stay at the top of their game,” Williams said.

“It’s been a busy twelve months. We’re on this journey for the long term, and what we have done is ensured that the structure, staff and processes are all in place to ensure future growth.

“In addition, we’re building a strong security culture focused on developing our staff and creating an environment where professional development is central to the success of our people, as well as the business.”

]]> (Peter Dinham) Security Tue, 28 Jul 2015 21:04:06 +1000
Check Points new technology stops zero day exploits Check Points new technology stops zero day exploits

Imagine if you will that you are a promising, white hat hacker working in a top secret government run lab with the key responsibility to find out how to exploit ‘exploits’ in x86 servers and PCs world-wide.

Imagine that in late 2013 you start your own company intent on preventing those very same exploits and respected security industry luminaries including Mickey Boodaei and Shlomo Kramer back you.

Imagine a scant year or so later your tiny security company – still in stealth mode – is acquired by security giant for millions of dollars because your technology is unique.

Well imagine no more!

{loadposition ray}

The start-up was called Hyperwise and the security giant is Check Point. The technology is ‘CPU level Threat Prevention’ – it will stop malware infection at a low level before it executes.

I met with Nathan Shuchami – a co-founder of Hyperwise and now head of Threat Prevention for Check Point and Christopher Rodrigues, Marketing Manager of Check Point ANZ.

What Nathan was talking about is well above most of our pay grades but I will attempt to paraphrase.

Various governments are actively working on cyber warfare – the ability to exploit zero day and even known exploits in operating systems or programs. They are doing this to keep an eye on other governments, corporations and influencers. These white hat hackers (after all governments are basically benevolent – no?) can be lured by organised crime as well to use government developed technology developed to attack enterprise.

Virus/malware comes in two basic file types. An .exe (executable program file) and buried inside data (like a PDF, Word, Excel or PowerPoint document. It is relatively easy to detect .exe attacks via signature based systems. It is much harder to detect to detect malware hidden inside data.

The aim of any malware delivery system is to bypass existing security systems, to gain privileges from the operating system using ROPE techniques to do something – download other malware etc., and to then carry out the threat. These exploits are sometimes new – called zero day exploits, or can be year’s old if the system has not been patched properly.

The threats can come via email (STMP and MTA), Browsers (HHTTP/s) and files stored on USB, or via Wi-Fi and BYOD. Or someone in an organisation has been bribed to introduce the file. “Criminals know that someone in any reasonably sized organisation will open a cleverly crafted spear phishing email no matter how well educated the staff may be,” said Nathan.

Check Point have a way to intercept all that network traffic before its executed at CPU level and using Hyperwise technology can check it – either on premise if you have one of its hardware devices, or in the cloud.

“Two years ago sandboxing was the latest technology – running everything inside a virtual machine that could not harm the real machine – but it’s too slow. Our solution adds only a few seconds – immaterial in the case of email or browsing. The solution is elegant – payloads are removed before they do damage,” said Nathan.

Nathan left me with a sobering thought, “We have cured this type of exploit but it won’t be long before attention turns to the Internet of Things – we have been speaking about this for more than three years and its now becoming a reality. What about that Jeep that was hacked? It is the next new frontier.”

“I would hate to be a chief information security officer at a big company – it is not a case of if they will be attacked but when. Forutnately Check Point has 24% of these large companies as clients and has become both the best of breed and a one stop shop,” he said.

]]> (Ray Shaw) Security Mon, 27 Jul 2015 15:02:39 +1000
Protect voice, not just data: BlackBerry Protect voice, not just data: BlackBerry

Protecting voice is as important as protecting data, according to BlackBerry senior vice president for Secusmart secure voice Christoph Erdmann.

The well-publicised tapping of German Chancellor Angela Merkel's phone revealed the extent and power of interception. "You need to protect voice," he said.

At that time, Secusmart customers were mostly European governments. Now, governments on five continents use the products.

Designed for productivity and ease of use, Secusmart takes advantage of the military-grade hardware in BlackBerry handsets, which it can apply seamlessly to all communications.

{loadposition stephen08}The result is mobility without having to step outside a classified environment.

Forthcoming products will variously provide compliance with US NIAP (National Information Assurance Partnership) protection profiles, and new hardware supporting custom cryptography via a smartcard.

While enterprises do need secure voice, their different characteristics - especially the desire for BYOD and the need for much wider deployments. So BlackBerry developed a hosted system called Secure Call, which is initially available only from Vodafone Germany as Vodafone Secure Call.

Earlier this year, BlackBerry Secusmart Secure Voice senior vice president Hans-Christoph Quelle said "We worked quickly with Vodafone Germany to bring Secure Call to the marketplace and ensure that we could deliver a cost-effective, cross-platform solution that is easy to implement."

Disclosure: The writer travelled to New York as a guest of BlackBerry.

]]> (Stephen Withers) Security Fri, 24 Jul 2015 09:54:24 +1000
Security can be done better, says BlackBerry CSO Security can be done better, says BlackBerry CSO

"The world does not believe we can make things secure... [but] I reject that notion," said BlackBerry CSO David Kleidermacher.

Techniques exist to get components "exactly correct," he said, so it shows the wrong attitude when people suggest we can't do better by developing secure software.

BlackBerry CHACE (Center for High Assurance Computing Excellence) is working on such issues in partnership with Oxford University, Waterloo University and other members of what Kleidermacher (pictured} called "a dream team" of organisations getting behind the effort.

Kleidermacher was joined onstage at the BlackBerry Security Summit by BlackBerry security researcher Graham Murphy, who performed a live hack of a medical device, more specifically an infusion pump.

{loadposition stephen08}Using simple tools and techniques, he connected to the pump via Ethernet (the device manual revealed the IP address, so there was no need for trial and error), and no username/password was required to log in as root. The pump yielded its WEP keys in plain text, and from there physical access was unnecessary.

It was already known that the pump doesn't secure boot, so it was easy to install 'custom' software, for example to pump all of the drug into the patient in one go instead of carefully metered doses.

"This is a real risk," said Kleidermacher, but he pointed out that all of the information presented was already public.

He drew a parallel with the well-publicised attack on US retailer Target, where malware got into EFTPOS devices via the corporate network and then 'phoned home' the data it collected. People will click on links and attachments in emails, so "it's child's play" to get in that way.

So what to do? One approach is to focus on a small part and make sure that is correct. The question then is whether that part is sufficient to meet an important problem. For the infusion pump, that small part might be to ensure that only 'safe' commands are passed from the controller to the pump itself.

BlackBerry has tools to build security into such products from the outset, to deploy patches when problems do arise, he said. The company also offers consulting services, including vulnerability assessments.

"We have the technical capability" to program medical devices such as insulin pumps from personal mobile devices, but there is no standard that interested parties can work to. "We need to fix that," he said, and that is one of the things CHACE is working on.

Standards re needed to allow independent evaluations of the security 'quality' of devices, but they do not yet exist. "People should be incredibly angry and upset" by that he said.

BlackBerry's successes include the development of a system for the US Department of Defense that allows 'derived credentials' to be installed on smartphones to replace access cards. And BlackBerry is the only COTS (commercial, off the shelf) device approved for managing secrets in military tactical situations, he said.

And BlackBerry has already solved some challenging enterprise issues, including proof that its devices can be trusted even if they are manufactured outside the company.

BlackBerry's QNX operating system already used in "a significant fraction" of medical devices, Kleidermacher said, adding that the company is looking to provide expert services to manufacturers.

Also, QNX Hypervisor (released earlier this year) allows multiple OSes to run simultaneously on one piece of hardware. That means QNX could be used as the basis for functions that require high levels of security, while another operating system such as Linux or Android can run alongside to allow the use of other applications that happen to be available and relevant.

Disclosure: The writer travelled to New York as a guest of BlackBerry.

]]> (Stephen Withers) Security Fri, 24 Jul 2015 09:47:31 +1000
Data#3 launches dedicated security practice Data#3 launches dedicated security practice

Brisbane-based IT solutions company Data#3 has launched a dedicated security practice in response to what it says is customer demand and increasing adoption of Cloud and mobility services.

The investment in the new security practice comes as Data#3 (ASX:DTL)  today released its financial year 2015 results showing that its business continues to strengthen, with net profit after tax expected to be between $10 to $11 million - representing growth of approximately 35 to 45% compared to the 2014 NPAT of $7.5 million.

Data#3 CEO Laurence Baynham, said the Security Practice will encompass existing skills sets, coupled with support from the consulting, assurance and risk expertise of Business Aspect, who joined the Data#3 Group in September last year.

“Customers are dealing with increasingly complex Hybrid IT environments and are trying to integrate Cloud, mobile, social and analytics. This has a tremendous impact on security as they deal with safeguarding their business critical information and intellectual property. In fact, security was the number one priority for our customers in our latest customer survey.

{loadposition peter}“Security isn’t new for Data#3, it has always been a foundation of each solution as demonstrated through the recognition received from partner awards with multinational security vendors for a number of years.”

Baynham announced that Richard Dornhart has been appointed Security Practice Manager effective immediately.

A security veteran of 16 years, Dornhart has experience working for global security leaders in both Australia and the USA, Baynham said he will draw on his extensive knowledge “to help customers navigate a constantly evolving and complex threat landscape to protect their information, assets and brand.”

“The practice will provide customers with integrated offerings underpinned by the Data#3 Secure Framework, which will be delivered and managed by experienced professionals from our services teams, complemented by Business Aspect.”

]]> (Peter Dinham) Security Wed, 22 Jul 2015 12:08:27 +1000
Cryptology research potentially a criminal activity Cryptology research potentially a criminal activity

Australia’s obsession with national security continues to have unintended consequences, with the academic exchange of information about cryptography now in danger.

Internet freedom group Electronic Frontiers Australia (EFA) has supported a call by the International Association for Cryptologic Research (IACR) for amendments to Australia’s Defence Trade Controls Act to include exemptions for scientific research and for education.

The Act was recently updated and now prohibits the ‘intangible supply’ of encryption technologies, which EFA says subjects many ordinary teaching and research activities to unclear and potentially severe export controls.

EFA Chair David Cake said: "While it is obviously an important technology in the national security context, cryptography is also vital for the privacy and security of individuals, and is critical to commerce in the digital age. Not only is civilian cryptographic research a necessary component of a vibrant digital economy, it is also a vital tool for protection of our privacy against illegal and unethical surveillance and criminal attacks.

“EFA believes that the situation created by this legislation is absurd and needs to be rectified urgently. If not, Australia's capacity to deal with future cybersecurity challenges will be severely constrained and a whole category of highly-skilled digital economy jobs will simply not exist in this country.”

{loadposition graeme}

The IACR has circulated a petition calling for a change in the law, which is available at It reads:

We are deeply concerned about Australia's Defence Trade Controls Act (DTCA). The act prohibits the intangible supply’ of encryption technologies, and hence subjects many ordinary teaching and research activities to unclear, potentially severe, export controls. As an international organisation of cryptographic researchers and educators, we are concerned that the DTCA criminalises the very essence of our association: to advance the theory and practice of cryptography in the service of public welfare.

We affirm that the public welfare of Australians — and society in general — is best served by open research and education in cryptography and cybersecurity. Open, international scientific collaboration is responsible for the encryption technologies that are now vital to individuals, businesses, and world governments alike. The current legislation cuts off Australia from the international cryptographic research community and jeopardises the supply of qualified workforce in Australia's growing cybersecurity sector.

We call on Australia to amend their export control laws to include clear exemptions for scientific research and for education.

]]> (Graeme Philipson) Security Fri, 17 Jul 2015 06:27:22 +1000
Cyber breach attempts a weekly affair say IT managers Cyber breach attempts a weekly affair say IT managers

Weekly attempts on breaching data security seem to be commonplace amongst Australian organisations, with IT managers believing they are subject to attempted breaches every week.

Almost half of the Australian IT managers – or 46% - surveyed by identity management security provider Centrify said they believed their organisations had experienced an attempted security breach in the previous seven days.

And, one in eight (13%) of the IT managers believe that an attack had occurred in the previous 60 seconds.

Reflecting this concern, a majority of IT managers (56%) nominate security as their biggest concern for the next year, closely followed by cloud computing (55%) – while for a third of the managers the most pressing concern was mobile applications and management (21%).

{loadposition peter}The research compared the security experiences of IT managers in the US, UK and Australia and, according to Centrify, while major breaches at iconic brands like Sony and Office of Personnel Management in the US make headlines, it commissioned the country comparison survey to evaluate the frequency of breaches on organisations that do not make the front page.

Centrify says the Australian findings tally with the results of the research undertaken in the US and the UK where security is also a leading concern.

Centrify Senior Director APAC Sales Niall King said the survey findings (taken at last month’s AusCERT event) reinforced what customers were telling Centrify. “The combination of cloud computing and mobile access is creating incredible security headaches for organisations globally.”

“Because Australia is an early adopter of technology, our IT managers are already feeling the stress of defending against the vulnerabilities created by this convergence of mobility and ubiquitous access,” King said.

“At Centrify, we believe that identity is the new perimeter. The good news is that with the right tools in place, you can protect your organisation against unrelenting attacks.”

“A clear finding from the survey is that most IT managers (83%) are as concerned or more concerned about security breaches at their organisations than they were 12 months ago. Only 5% are less concerned.”

King said Centrify was committed to providing organisations with the tools they needed to secure an evolving corporate perimeter. “The challenge is that today’s corporate perimeter has nothing to do with physical headquarters and contains data that resides in the cloud and on the numerous devices employees and contractors use in the field.

“As employees reach for the cloud or their mobiles to get their jobs done, it opens up greater security vulnerabilities. As a result, there is greater need than ever for unified identity security across multiple devices and platforms. It’s our hope that this survey helps convince IT decision makers to take steps now to enhance identity management before hackers find holes and exploit them.”

]]> (Peter Dinham) Security Wed, 15 Jul 2015 16:57:07 +1000
Cyberspace not a safe children’s play space’s-play-space’s-play-space Cyberspace not a safe children’s play space

Do you know what your children do online? Would you be horrified if they were sexting, being a cyber-bully, exposing family secrets on social media, or contemplating meeting online strangers in the real world?


A new Norton (by Symantec) report reveals 74 percent of parents are oblivious to their kids’ online activities, 41 percent of Australian parents never check their children’s online activities, 52% never discuss sexting, 41% cyberbullying or 37% stranger danger online.


“From websites to apps to games and online communities, children have access to a ton of content that can affect them both positively and negatively,” said Mark Gorrie, Director, Norton by Symantec, Pacific region.  “Children are interacting online at a younger age and more than ever before and it’s impossible for parents to watch over their kids every second they’re online.  Parents need to arm their children with the knowledge and skills they need to use the Internet positively without compromising their privacy and security.”


{loadposition ray}


I am going to reveal a very personal experience. It relates to my two adult children who are now the wrong side of 30. Having been in the IT industry since the early 80’s I gave them each a ‘386-sx’ computer when they were in pre-school. The idea was to help give them an edge using educational games like Reader Rabbit, Math Rabbit, and more. It worked and they became extremely computer literate.


In the 90’s things changed – the internet emerged and my now teenagers embraced it. “Daughter is a queen of the chat rooms,” I would say beaming. Never once did it occur to me that the internet was not safe. Not to dwell on it but I was horrified to stumble on the content of the chat rooms and the danger they encompassed. Not to mention that son had healthy pubescent desires and the internet provided a cornucopia of content. I learned very quickly that it was hard to talk about such things and even harder to police its use. I could only hope that my wife and I provided a suitably moral environment and that the kids had sufficient common sense to realize the dangers.


Kids grew up well adjusted – probably in spite of installing parental lock-outs and a key logger to see what they were doing. There is no substitute for simply talking about the issue.


Back to Norton’s findings.


Alarmingly 18% of Australian parents had been warned about their child’s social media activities by their school. Approximately 15% of parents had admitted to having at least one child impacted by cyberbullying, while one in three children identified themselves as being impacted by cyberbullying. Some 27% of Australian parents admitted that their young children had joined a social networking account even though they did not meet the minimum age rule.

To help counter this and promote online safety, digital ethics and privacy, Norton has collaborated with author, child rights activist and parent,  Tara Moss, to be its first Australian Norton Family Ambassador.

 “Security, privacy and online ethics are now a necessary part of parenting, just like road safety and safe sex education. Kids using connected devices in the comfort of the family home may look harmless, but activity online has consequences and impacts beyond the home and beyond that moment. As with anything else, education and guidance are needed. To some, the Internet is not part of the real world, but it is. Things said online are sent by real people and received by real people, and when the recipient is a child, unpleasant online exchanges can be more damaging,” said Moss.

 “The Norton survey reveals there is a general lack of awareness about the role of parents in educating children about Internet security and privacy. Many parents have not grown up as connected to the online world as their children and may be unaware of the potential impacts of online activity. While schools and governments have invested in teaching children safe Internet practices, it is no longer enough. Parents need to get informed about what they can do to protect their children and take an active role in their children’s understanding of privacy and online ethics, as well as their online well-being,” Moss added.


Top Tips for Parents:


  • Have an open dialogue – It is important to start the conversation with your children early and have open dialogue with your kids. Set aside time to discuss appropriate online behaviour and create age-appropriate “House Rules” about how computers, smart phones and gaming systems are used. It is also important to be a positive role model for children and lead by example.

  • Educate children – Spend some time educating children regularly about the dangers of the Internet and create awareness around issues such as sexting and cyberbullying. Check to make sure your kids are not sharing private information like passwords, addresses and phone numbers with people they don’t know.

  • Explore technology – Consider free parental control technologies, such as Norton Family, that help to enforce the ground rules and can limit the sites that can be accessed and the type of information that can be shared online. 


    To learn more about and and start using Nortons new free Family software click here.

]]> (Ray Shaw) Security Mon, 13 Jul 2015 16:54:50 +1000