Categoría: Cybersecurity

The need for IT security arises from threats and cybercriminals such as hackers, who seek to compromise important data and entire systems. However, not all attacks are the same, they do not come from the same perpetrators, let alone have the same purpose.

Here we will introduce you to the main players:

1.White hat hackers: these are professionals who legally enter protected systems in order to test their security. They could be referred to as «ethical hackers» who only seek to detect sensitive elements in networks and systems before a malicious hacker can do so.

These types of hackers make up attack and defense organizations, known as «red team» or «blue team».

2. Gray hat hackers: they expose vulnerabilities and report problems to their owners. However, these users have not asked for permission to carry out attacks.

They often conduct unauthorized tests and then ask for a reward for their achievements.

3.Black hat hacker: this type of hacker is the one known as cybercriminal, since they are in charge of invading systems and networks with malicious purposes such as:

• Malware propagation.
• Data theft.
• System spying.

With all this, we can realize that black hat hackers are the biggest threat, as they not only gain unauthorized access to networks and systems but also carry out attacks to profit monetarily: phishing, ransomware and cryptojacking.

Knowing and being updated about the current state of computer security is very relevant to protect your computers and those of any company, such as insurance. Like many others, it handles an avalanche of data on a daily basis.

From the statistics we share with you, we know that you will not hesitate to train your employees and have at hand all the necessary tools to be in a safe environment.

Avoiding the theft of data such as bank account numbers, passwords, documents and all kinds of information, is what makes it possible to avoid significant losses that can affect our businesses.

Digital security is fed by the constant change and transformation of companies, since in a digitized and technological environment it is important to be aware of all those vulnerabilities and malicious attacks present in the network to which we are daily connected, to create mechanisms that allow us to be safe.

What is IT security?

According to the Netec article, computer security is a process of circumventing and tracking down unauthorized use of a computer system in order to protect the integrity and privacy of all of a company’s stored information.

The U.S. Department of Homeland Security, asserts that «Our daily lives, economy and national security depend on a stable cyberspace.»

How is IT security made up? 

1. Security measures such as antivirus software programs, firewalls, and others)
2. Disabling certain software functions.

Main areas of computer security

1. Authentication: you are communicating with the people you think you are communicating with. Security first.
2. Availability: data must be available to users when needed.
3. Integrity: authorized users must be able to modify data when necessary.
4. Confidentiality: only authorized users can access our resources, data and information.

In the following article, we will tell you what are the types of hackers and some statistical data that will make you not hesitate for a second to strengthen the security of your company. Soon it will be available!

As we told you in the previous article, there is a group of cybercriminals who, taking advantage of the benefits of the Internet and the great interconnectivity, have sought all possible mechanisms to carry out scams and crimes through phishing, stealing data and confidential information from their victims.

Based on the above, we would like to share with you the best tips for you and your collaborators to be aware of any extortion attempt by phishers.

How to recognize a Phishing message?

According to the article on the Panda security website, these are the main key points:

1. From the beginning, it is already rare that companies (banking, telecommunications, etc), ask us for personal data via email or messages. If this happens, you already know that you should be alert.
2. The first point sounds easy, however, it is not always easy to recognize phishing messages by their appearance. However, it takes time and effort to faithfully replicate a company’s formatting, which criminals are often unwilling to invest.

Spelling errors and inconsistencies are a clear indication that something is wrong. Also look at the sender’s address, it is always a bit strange.

3.Be very careful in the operations you perform from your smartphone. The growing popularity and relevance of this type of devices has made us do and undo everything in one place.

Fun fact: «In 2013, 110 million customer and credit card records were stolen from customers of retail giant Target.»

How can we protect ourselves from Phishing?

1.Don’t open emails from unfamiliar senders.

Don’t click on a link within an email unless you know exactly where it will take you.

3.To apply an extra layer of protection, if you receive an email from a source you are unsure of, manually navigate to the link provided, just type the legitimate website addess into your browser.

4. Look for the website’s digital certificate (The SSL certificate is a small data file that digitally binds a cryptographic key to an organization’s data. Once installed on the web server, the certificate activates a padlock and the https protocol, thus enabling a secure connection from the web server to the browser).

5. If you are asked to provide sensitive information, check that the page URL begins with «HTTPS» instead of «HTTP». The «S» stands for «secure. It is not a guarantee that a site is legitimate, but they are more secure. HTTP sites are vulnerable to hackers. 

6.If you suspect an email is not legitimate, select a name or part of the text of the message and run it through a search engine, so you can see if there are any known phishing attacks that use the same methods.

As always, the most advisable thing to do is to use some type of anti-malware security software and to have a corporate culture where all employees are trained to understand and be alert in case of a possible attack that could have an impact on the company.

Although the insurance industry has recently started to use technology in its operations, it is true that it is not exempt from cyber-attacks, since it handles a large amount of data and information on a daily basis.

This is why at LISA we use security software to ensure the security of our clients and the entire environment where we develop our ecosystem and interconnection.

The Internet and various technologies have come into everyone’s life as a relevant tool to facilitate many tasks and allow us to interconnect in just one click, at any time and place we want.

However, the other side of the coin shows us a large group of cybercriminals who, taking advantage of the benefits of the Internet and the great interconnectivity, have sought all possible methods to carry out scams and crimes by stealing confidential data and information through phishing.

What is Phishing?

According to Avast Academy, it refers to a cybercrime technique that uses fraud, deception and scamming as mechanisms to manipulate victims into revealing sensitive personal information. This is one of the oldest and best known scams on the Internet.

The term phishing comes from the English word fishing, referring to the attempt to get users to «take the bait». The person who practices it is called a phisher.

Fun fact: A survey of more than 1,000 IT professionals revealed that 56% of organizations identified phishing as the biggest IT security risk.

How does Phishing work?

In fishing there are many ways to catch a fish, but there is one phishing tactic that is commonly used:

Regardless of whether it unfolds via email, SMS or any other system, all phishing attacks follow the same basic principles: the attacker sends a communication with the aim of persuading the victim to click on a link, download an attachment or send a requested piece of information.

Types of phishing

According to information shared in the Malwarebytes portal article, some of its categories are as follows:

01.Spear phishing

Phishing campaigns send mass emails to as many people as possible, spear phishing is a targeted attack where a specific person or organization is directly targeted (often with personalized content for the victim).

These attacks require prior reconnaissance to discover names, titles, email addresses and so on.

This is a critical threat for businesses and governments as it costs a lot of money. According to a 2016 report from research on the subject, this type of phishing was responsible for 38% of cyber attacks on participating companies during 2015.

02.Cloning phishing

The criminals in this case make a copy of previously sent legitimate emails containing a link or attachment. The phisher then replaces the links or attachments with malicious content disguised as genuine content.

In the same vein, the phisher may forge the victim’s identity to pass himself off as a trusted sender to other collaborators in the same organization.

3. 419 Nigerian scams:

Did you know that one of the oldest scams on the internet was an extensive phishing email from someone claiming to be a Nigerian prince?

The «Nigerian prince» claimed to be a government official or member of a royal family who needed help transferring millions of dollars from Nigeria. 

The email was marked as ‘urgent’ or ‘private’ and its sender asked the recipient to provide a bank account number to remit the funds to a secure location.

You are probably wondering what the «419» number is associated with this scam and refers to the section of the Nigerian penal code that deals with fraud, charges and penalties for offenders.

04.Telephone phishing

With phone phishing attempts (also called voice phishing or «vishing»), the phisher calls claiming to represent your local bank, the police or another important entity. 

They then scare you with some kind of problem and insist that you solve it immediately by providing your account information or paying a fine. They usually ask that the payment be made through a bank transfer or with prepaid cards, because they are impossible to trace.

Phishing via SMS, or «smishing», performs the same type of scam as vishing, (sometimes with an embedded malicious link to click on), via SMS text message.

Spam v. phishing

It seems to be the same but it is not, the only thing that makes them similar is that in both cases they are usually sent in bulk. The main difference between the two is that «spammers» do not try to harm the recipient, since what they send is considered «junk mail» because its content contains unwanted advertisements.

Those who resort to phishing are quite the opposite, they go with the intention of harming and committing a crime. Therefore, if we have to choose, spam is preferable.

Now you are probably wondering how to recognize a phishing message and what we can do to protect ourselves, aren’t you? That is why we invite you to continue reading in the second part of this article, it will be available soon!

Can data encryption fail?

Of course it can fail, in fact it is not a 100% secure method. To know what happens when data encryption fails, it is necessary to go into details of how the process works:

The vast majority of data encryption methods are based on the use of keys, which are long strings of numbers that allow the algorithm to do its work. Usually the keys come in pairs, one for the sender of the encrypted information and one for the receiver (both keys are needed for the algorithm to work correctly).

Hackers can guess keys

Despite not having the keys, hackers can easily decrypt data and steal it. This requires a process called «brute force attack«.

These hackers make use of a powerful computer to guess all the numbers or letters of the key. Clearly, the longer the key the more complicated it will be to use «brute force«, but on the contrary, if the key is small, at least 4 digits, it would be easier to find.

Curious fact

Today’s keys are strong and extensive and an example of this is a 128-bit key (standard in the encryption world), which has more than 300,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 possible combinations.

Basic types of encryption solutions

1.Encryption of immobile data: refers to your saved files.

2.Encryption of data in transit: it has to do with communications, i.e., e-mails, internal messages, among others.

Who needs data encryption? Almost everyone, in fact, we are sure you will want to keep your data confidential and secure.

Data encryption algorithms

1.Public key or asymmetric encryption: in this case, the sender uses a known public key to encrypt the data. The receiver has a private key that forms the other half of the public/private pair (using the private key in combination with the public key, the receiver can decrypt the data).

2.Private key or symmetric encryption: Both the sender and the receiver have the same private key and there is a lot of organization involved in storing and transmitting secret keys.

According to the article «Data Encryption: A Guide For Good Security Practices,» these are some current encryption algorithms:

1.Triple DES (3DES): A modernization of the older but highly influential Digital Encryption Standard, or DES. 3DES takes the 56-bit key of DES and increases it to 168 bits, making it difficult to crack but far more computationally intensive.

2.Advanced Encryption Standard (AES): A symmetric cipher based on the Rijndael block cipher algorithm. It is used by the U.S. federal government, as well as in consumer products, such as Apple computers.

3.Elliptic Curve Cryptography (ECC): A very powerful but not yet well understood form of encryption. It is faster than other algorithms, which is why it has gained the preference of government agencies such as the NSA.

In short

Data encryption is a very important and necessary element for cybersecurity. For any organization, data encryption must be one of the most important measures due to the constant digital transformation, as it means a great avalanche of sensitive information of various kinds that must be protected.

Nowadays it is not only enough to know the risks to which companies are exposed, but it is also necessary to train our collaborators so that they can be careful with their computer systems.

Here are some essential tips, according to an article on the Kaspersky website:

1. Update the software and operating system: this will take advantage of the latest security patches.
2. Use antivirus software: security solutions will make it possible to detect threats and eliminate them.
3. Use strong passwords: make sure your passwords are not easy to guess and do not use the same password on different platforms.
4. Do not open e-mail attachments: especially if they are from unknown senders, as they may contain malware. 
5. Do not click on links in emails from unknown senders or websites: this is a common way for malware to spread.
6. Avoid using unsecured Wi-Fi networks in public places: unsecured networks leave you vulnerable to «man-in-the-middle attacks».

You might also be interested in: What are the 3 most recent cyber threats?

Important: Endpoint security

It is also known as End User Protection and is one of the most fundamental aspects of cybersecurity. In the end the person (end user) is the one who accidentally loads malware or other cyber threat on their devices.

How do cybersecurity measures protect end users and systems?

1. Cybersecurity relies on cryptographic protocols to encrypt emails, files and other critical data. In the same vein, it not only protects information in transit, but also offers protection against loss or theft.
2. End-user security software scans computers for malicious code, quarantines such code and removes it from the computer. Security programs can even detect and remove malicious code hidden in the master boot record (MBR) and are designed to encrypt or erase data from the computer’s hard drive.
3. Electronic security protocols also focus on real-time malware detection. Many use heuristic and behavioral analysis to monitor the behavior of a program and its code to defend against viruses or Trojans that can change shape with each execution (polymorphic and metamorphic malware).

Security programs can restrict programs that may be malicious in a virtual bubble separate from the user’s network to analyze their behavior and learn how to better detect new infections.

Security programs are known to continue to develop new defenses as cybersecurity professionals identify new threats and ways to combat them. To get the most out of end-user security software, employees must learn how to use it and be aware of the risks that can affect them.

There is not a day when cybercriminals are not looking for a new target to attack, and as their skills grow, companies must prepare contingency plans such as the use of security software and the training of their employees so that they do not serve as a gateway to these types of vulnerabilities.

As we mentioned in previous articles on this topic, corporate cybersecurity is a complex issue that requires a lot of knowledge to explore and make it effective against threats that may arise against an organization and its precious data.

Today cyber threats have evolved and the criminals behind these types of attacks have sought ways to make them increasingly effective. Here, we will share information on the most accentuated cyberthreats today so that companies can keep an eye on them and prevent them in time:

Malware Dridex

How does Dridex work?

Dridex is a financial Trojan that infects devices through a variety of means. This is often done through malicious attachments in phishing emails.

Typically, its function is to steal a user’s passwords, personal information and banking details for use in fraudulent transactions. It can do this even when web browsing would be considered secure (e.g., via HTTPS).

Another capability of Dridex is that it can monitor other activity on a computer, allowing malicious actors to take screenshots and upload and download files and tools.

It is known that in 2019, the United States Department of Justice, charged the leader of a group of cybercriminals for participating in a global Drindex malware attack. This entire attack affected the public, government and businesses in many parts of the world, as stated by the National Cyber Security Centre in one of its articles.

Fun fact: Cybercriminals manage Dridex through a large system of compromised computers around the world known as a botnet. Through such a system, they can retrieve stolen data and issue their commands, carrying out large-scale crimes.

Romantic Scams

Perpetrators of this type of scams prey on people looking for new partners and trick victims into providing their personal data. This is all done through dating sites, chat rooms and assorted apps.

Fun Fact: In February 2020, the FBI warned U.S. citizens to beware of confidence fraud being committed by cybercriminals through dating sites, chat rooms and apps. Then it was learned that romance cyber threats affected 114 people in New Mexico in 2019, whose losses totaled $1,600,000.

Emotet Malware

It is a sophisticated Trojan that can steal data and also load other malware. It preys on unsophisticated passwords, which is a reminder of the importance of creating a strong password to protect against cyber threats.

The Australian Cyber Security Centre, is known to have warned national organizations in 2019 about the widespread global cyber threat of Emotet malware.

Security programs continue to develop new defenses as cybersecurity professionals identify new threats and ways to combat them. That’s why it’s important to be aware of and stay on top of what’s new as it emerges so you can find solutions to combat it.
Do you want to know how you can strengthen end-user protection, which is fundamental to cybersecurity?

You can find out more in our next article.

2020 will not only be remembered as the year of the pandemic, but also for the importance and relevance of cybersecurity for individuals and companies. All this was the result of the increase in cyber-attacks derived from the accelerated implementation of teleworking, where organizations were forced to establish new cybersecurity measures outside their offices.

You may also be interested in How important is cybersecurity in companies?

Global cyber threats continue to develop at a rapid pace, with an increasing number of data breaches each year. In a report by RiskBased Security, it was revealed that 7.9 billion records have been exposed by data breaches in the first nine months of 2019. This is more than double (112%) the number of records exposed in the same period during 2018.

Medical services, retailers and public entities suffered the most breaches. Some of these sectors are more attractive to cybercriminals as they collect financial and medical data, although all companies using the networks can be attacked.

With the extent of cyber threats steadily increasing, the International Data Corporation predicts that global spending on cybersecurity solutions will reach $133.7 billion by 2022. The importance of monitoring systems is reflected in «10 Steps to Cybersecurity,» guidance provided by the UK Government’s National Cyber Security Centre. In Australia, the Australian Cyber Security Centre (ACSC) is responsible for publishing periodic guidance on how organizations can counter the latest cybersecurity threats.

The threats facing cybersecurity are:

1. Cybercrime: involves individual actors or groups attacking systems for financial gain or disruption.
2. Cyber-attacks often involve information gathering for political purposes.
3. Cyberterrorism aims to weaken electronic systems to cause panic or fear.

How do they gain control of computer systems? These are some common methods employed according to a Kaspersky article:

• Malware: this is malicious software and is one of the most common cyberthreats. The cybercriminal or hacker has been responsible for creating it to damage a user’s computer through an email attachment or a download, with the aim of making money or making a cyberattack for political purposes.
• SQL code injection: (Structured Query Language), is a cyber-attack used to take control and steal information from a database. This gives them access to confidential information.
• Phishing: refers to when cybercriminals attack their victims with emails that appear to be from a legitimate company requesting confidential information. These types of attacks are often used to induce people to hand over their credit card details and other personal information.
• Man-in-the-middle attack: this is when a cybercriminal intercepts communication between two individuals to steal data. For example, on an unsecured Wi-Fi network, an attacker could intercept data being transmitted from the victim’s device and the network.
• Denial-of-service attack: cybercriminals prevent a computer system from fulfilling legitimate requests by overloading networks and servers with traffic. This renders the system unusable and prevents a company from performing vital functions.

There are many threats to which companies are subjected on a daily basis, which is why it is vitally important to be aware of them and get down to work to prevent them through various mechanisms and rules that we establish to take care of all our IT assets.

Don’t lose track! We will be uploading new content about cybersecurity that you should read to get a broader view of the importance of this whole topic.

Corporate cybersecurity is a complex and relevant issue, especially in the insurance industry, which handles large amounts of data and information that need to be protected for the good of customers and the organization itself.

Taking into account technology and its benefits, in addition to the set of tools, policies, security concepts, risk management and other guidelines, it is a priority for the insurance company to carry out a plan to safeguard its assets.

What is cybersecurity?

According to the article What is cybersecurity? on the Kaspersky website, it is a practice used to defend computers, servers, mobile devices, electronic systems, networks and data from malicious attacks.

Categories of cybersecurity:

• Network security: based on protecting a computer network from intruders, attackers or malware.
• Application security: focused on keeping software and devices free from threats, since a contaminated application can give access to the data it is intended to protect.
• Information security: this protects data integrity and privacy, including data storage and transit.
• Operational security: includes the processes and decisions to control data resources. Some items included in this category are the permissions that users have to access a network and the procedures that indicate how and where data can be collected or shared.
• Crash recovery and business persistence: these define how a company responds to a cybersecurity disaster or other event that halts operations or fuels data loss.

Trouble recovery policies entail the way in which an organization restores its information and operations to regain the operational capacity that existed prior to the unfortunate event.

• End-user training: This addresses the most unpredictable cybersecurity factor: people. By failing to follow good security practices, anyone can accidentally allow a virus to enter an otherwise secure system. The most important thing is to teach a company’s users to delete suspicious email attachments, not to plug in unidentified USBs, and other lessons that safeguard the organization’s security.

This topic cannot be summarized in a single part since it consists of several aspects that we must know in order to make our company’s cybersecurity effective from the very beginning. This is why we invite you to follow the trail of the articles that will serve as a complement, which we will be publishing in the following days.

Remember to visit our downloadable content library. We have several contents that we know you will be interested in, don’t miss them!