The Log4j vulnerability is effecting everything from development tools and games like Minecraft to cloud and security devices and even your car. Therefore the question is what do we look for?What is the latest information about keeping you and your business safe?
Firstly, what is Log4J?
Log4J is a flaw in a Java library.
For those reading this who are less technically included, Java is baked into many pre-made applications and used across a number of services. Therefore this vulnerability is prevalent across a number of attack vectors. Because of this it is currently the most talked about and high risk security vulnerability on the market at the moment with everyone scrabbling to patch out the risk.
The library is developed by the open-source Apache Software Foundation and is a key Java-logging framework. As detected in the vulnerability logged as CVE-2021-44228, a remote code execution flaw in Log4J, was already being exploited in the wild. Any system which has the same vulnerability is at serve risk. Warnings have been issued by the UK’s National Cyber Security Centre (NCSC).
What is at risk?
Basically any device which is exposed to the internet is at risk if it is running Apache Log4J versions 2.0 to 2.14.1. Now, the list of applications that have this would fill pages and pages – everything for Minecraft servers to Tesla’s car OS, with companies like Apple and Amazon also being pulled into the mix. Because of the way that Apache package software this vulnerability as per the NCSC notes, can also be found in anything running Apache Struts2, Solr, Druid, Flink, and Swift frameworks. With AWS having detected and working to patch the vulnerability currently, pushing mitigation protections via its CloudFront service.
Vendors with popular products known to be still vulnerable include Atlassian, Amazon, Microsoft Azure, Cisco, Commvault, ESRI, Exact, Fortinet, JetBrains, Nelson, Nutanix, OpenMRS, Oracle, Red Hat, Splunk, Soft, and VMware. And this list will continue to grow as product try to patch out the issue and make it known they have the vulnerability.
What can I do right now?
Because there is currently no direct patch for this, the best option is possible is to Airgap any system that is using or known to have Apache components or frameworks as part of its services from the internet. If you can’t do this then get a Web Application Firewall in place in front of any public facing system as it is very likely that these players will be able to provide WAF rule sets quicker than Apache can get a new version of Log4j tested and out into the wild.
As soon as a patch is available, get your Apache systems patched and up to date and ensure that you check all of your systems, as many IT administration tools install parts of the Apache framework for running web front ends or even systems of management and control for your devices.
The best action you can take as an IT system owner is to review anything you have that is publicly facing or publicly accessible. You need to take action now as this attack does allow the system to have complete control taken over by the attacker and it is not yet known how other defence tools are responding to this infiltration as the Java libraries are normally a trusted location and as such can leave a business open to attack.
If you are concerned about the security of your business then I implore you to call Planet IT today. One of our security specialists will be able to join you on a call and discuss the mitigation actions you can take and advise you of the best way to ensure your business is protected.
If you would like to discuss with myself or any of the cyber security team at Planet IT about how you can better protect you business, should that be with new technology, strategies or even better back ups you can reach us using the contact details below;
https://www.planet-it.net/wp-content/uploads/2021/12/Log4J-01.jpg6281200James Dellhttps://www.planet-it.net/wp-content/uploads/2020/07/pitheaderlogo-margin.pngJames Dell2021-12-14 09:41:112021-12-14 09:41:11Log4J Zero-Day Flaw – Are you are risk? And How Do you Protect Yourself?
We are all too aware that the cybersecurity landscape is changing and will continue to change as the technology we use every day continues to adapt, develop, and alter our daily lives.
Put very simply, this trend is clear when you compare your 2010 Honda Civic to the latest release from Tesla; technology is embedded into every corner of our lives and it now even governs your driver safety.
Because of this, the drive to protect business and individuals from threat actors has never been more important. With an ever-shifting set of cybersecurity goalposts becomes the need to understand, adapt and overcome whatever threats may come your way.
As such in this article I am going to take you through five trends we are seeing when looking a cybersecurity and the defence of your IT infrastructure.
1. The Expanding Cyber-Attack Surface
According to cybersecurity ventures, the world will store 200 zettabytes of data by 2025. This data is coming from thousands upon thousands of different sources and a considerable amount of the data is now being driven by IOT and smart technologies.
As I mentioned in my introduction, think of all the data that every Tesla on the road today is generating, the pure volume of telemetry data, decisions, battery health and all the other statistics these mobile computers are generating is staggering. Now think about your smart home, with fridges that can be remotely controlled, lighting, cooling, heating and even garage doors that can triggered from anywhere across the globe, then add into the mix home security systems link Ring Doorbell. All of this sits outside the realm of what for many would have previously considered data that needed to be secured. However, it is easy to see how data like the time you leave your house, the speed you drive and direction you travel, could be of value to a threat actor and even worse could be data they leverage against you.
This however is just to the point, the fact that as businesses are having to daily adjust the scope of what is and is not part of the business attack surface, this leaves the threat actors room to move and the gaps they need to turn your secure system into Swiss cheese.
5 years ago, CCTV may or may not have been the responsibility of the IT department. Today, with digital cloud driven solutions, this firmly sits within a business IT attack surface and is a clear technological risk.
Similarly, take the smart card reader that opens your office doors and your car parking barrier. This is a business attack surface which in the traditional IT model we would have simply been able to ignore. This is no longer the case. It sits on the list which will continue to grow of new areas where CISO, cyber security experts and IT teams in general need to protect.
This trend will of course continue. As IT professionals we must adjust our
security posture and consider how this effects the technologies we use to protect our data and our systems.
There is by no means a golden bullet but there are key markers for success in this area.
2. Ransomware as a Cyber Weapon of Choice
Ransomware has been around for almost two decades and has grown in popularity because it can more easily bring financial rewards to hackers. It is estimated that there are now 124 separate families of ransomware and hackers have become very adept at hiding malicious code.
The reason is that ransomware became a weapon of choice for hackers in the last 18 months was drive by the COVID-19 pandemic. This instantly altered a digital landscape that for many businesses had been slowly changing. In fact, most were stuck to the traditional walled garden of onsite infrastructure and controlled working environments. Now, with the transformation of so many companies and how we operate as a mostly digital, this creates more targets for extortion. According to a research, ransomware increased by 435% in 2020 as compared with 2019.
In 202, the estimated cost of ransomware was £14.5 billion – a rise from £8 billion in 2019 and £5 billion in 2018. That trend will continue to grow.
The likely impact for the near-term future is that there will be more ransomware attacks against institutions and corporations who are less cyber secure and cannot afford to have operations impeded. This includes health care, local governments, and educational institutions. For these sectors the need to adapt and overcome the finical challenges of protecting their businesses has never been more paramount.
3. Increase in adoption of cloud services
Cloud vulnerability continues to be one of the biggest cyber security industry trends. Again, the rapid and widespread adoption of remote working following the pandemic increased the necessity for cloud-based services and infrastructure drastically, with huge security implications for organisations. For many, these implications where not understood or ignored as the business threw themselves into a cloud strategy in sheer panic in 2020.
Don’t get me wrong, cloud services have become essential and offer a range of benefits – scalability, efficiency, and cost savings – but they are also a prime target for attackers.
Misconfigured cloud settings are a significant cause of data breaches and unauthorised access, insecure interfaces, and account hijacking. All of these are avoidable but for many businesses they simply don’t know the vulnerabilities are there. During our webinar series, I often talk about the shared responsibility model. It is key to keeping the door closed to attack but is greatly misunderstood or even ignored by a lot of businesses.
4. Social engineering attacks getting smarter
Social engineering attacks, like phishing, are by no means new threats but have become more troubling amid the widespread remote workforce of the last 18 months. Attackers target individuals connecting to their employer’s network from home because they make easier targets. The attack looks to exploit the weak link in most businesses’ security posture, the end user.
As well as traditional phishing attacks on employees, there has also been an uptick in whaling attacks targeting executive organisational leadership. This trend sees CEO, CFO and other business managers being impersonated to other employees or customers to gain financial details or gain credentials.
SMS phishing – sometimes known as ‘smishing’ – is also gaining prominence, thanks to the popularity of messaging apps such as WhatsApp, Slack, Skype, Signal, WeChat, and others. Attackers use these platforms to try to trick users into downloading malware onto their phones, which for many are now heavily linked to the corporate network be that via email or shared file access. For many businesses, MDM or MAM are technologies they still haven’t invested in.
Organisations are increasing their protection against phishing, but criminals are always looking for new ways to stay ahead. This includes sophisticated phishing kits which target victims differently depending on their location. To stay ahead of these trends, businesses need to ensure their staff understand and can act as the human firewall against these attacks – social engineering is not something that technology alone can protect your business from.
5. The Future, Privacy-enhancing computation techniques.
To change pace slightly now and look less at the trends around attack vectors and how the threat actors are getting in and more around how the cyber security industry is helping us all fight back.
Privacy-enhancing computation (PEC) techniques are emerging that protect data while it’s being used — as opposed to while it’s at rest or in motion.
This marks a dramatic shift in the level of protection we can leverage onto data and how we can continue to work to lock out the threat actors from data at all stages of its life cycle. This technology will also enable secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments.
This technology is rapidly transforming from academic research to real projects delivering real value, enabling new forms of computing, and sharing with reduced risk of data breaches.
I would expect to see these products in your security portfolio in the next 12 months.
With the landscape continuing to move beneath our feet daily, as IT professionals, we need to stay ahead of the trends and ensure that we are looking at what threats are just over the horizon.
No IT team can afford to rest on their laurels as the successes of yesterday will not protect you from the threats of tomorrow.
If any of this is of concern to you, whether you are an IT professional, a business leader or simply have cybersecurity fears, please reach out to me or one of my team and we will be more than happy to assess your situation. We are in this war together, and we can’t let the bad guys win!
https://www.planet-it.net/wp-content/uploads/2021/08/2021-cybersecurity-trends-01.png6281200James Dellhttps://www.planet-it.net/wp-content/uploads/2020/07/pitheaderlogo-margin.pngJames Dell2021-08-25 16:38:162021-08-25 16:38:16Top 5 Cybersecurity Trends So Far This Year
We all saw the scenes in March 2020 as lockdown across the U.K and most of Europe was announced. At a moment’s notice, businesses across the globe scrabbled to build vital communication and digital strategies that could support their business operations.
This for many included the mass roll out of new digital devices, communication tools, work place and data management tools and virtual telephony. At the time many businesses made these changes as a knee jerk reaction, simply to combat the “in the moment” problem. However, this dynamic shift in our approach to working, the working environment and our forms of communication has enabled leaders in business to accelerate IT strategies in a way they never would have been able to if 2020 had been “a normal year”. For many CIO, CTO’s and Technical Directors 2020 marked the beginning of a new chapter and the start of a very different IT landscape moving forward. 2021 is already beginning very much where last year left off we are seeing this continued trend of digital acceleration across the business landscape.
Breaking through the red tape
Some businesses when asked about the effect of 2020 on their digital strategies have said they jumped through two years of red tape, internal approvals and cost benefit analysis in two days. This shows the systemic shift we saw almost overnight. This change has seen many business jump from traditional technologies (desktops / servers and onsite telephone systems) to cutting edge technologies emerging across the IT landscape with the likes of Public Cloud, Mix Media Devices and cloud telephony with unified communication.
This trend can easily be reflected in the numbers published by Microsoft in relation to the usage of their communication platform Microsoft Teams which jumped from 900 Million meetings held on the system per day in March 16th 2020 to 2.7 Billion per day by the end of March. That number is yet to drop and if anything will continue to rise as the pandemic runs in course and staff continue to be offered the flexibility of work space.
The Importance Of Being Ready
It is worth mentioning at this point for the business which unfortunately saw their trade days come to an end in 2020. Many had failed to adapt, grow and change before 2020 and where therefore unable to adapt in a way that enabled them to be flexible around the pandemic. For these business, the lack of development of IT systems lead to a perfect storm of spending requirements, insufficient time and a lack of business commitment to IT and digital development.
The importance all business must learn from the events of 2020 is that digital transformation in the modern age is imperative. A business without IT cannot function and the drive of CIO, CTO and Technical Directors has and will always remain in the development, expansion and overall success of a business. They above all others know how critical those systems are.
Unfortunately for many businesses, IT is often considered to be a “cost with little reward” which from last year we can see is ultimately the wrong way to approach the topic. IT is a business enabler and when used as such it can allow all business to overcome situations and circumstances which is never would otherwise be able to.
The right focus
As we move in 2021 with earnest, I am working with all of our customers to enable this continued business growth with the aim of removing the stigma around IT spending. The focus is on the benefits vs the cost rather than the costs vs doing nothing as was so clearly the case for many business in the years leading up to 2020.
If any business wants to strive and succeed in 2021 then the goal must be to continue the path of digital acceleration and put IT as a business focus for all. Remember, don’t just look at the short-term pains. It’s all about how we develop and implement strategies that protect businesses for many years to come.
If you want to discuss your business IT strategy or how Planet IT can help you to accelerate your growth using IT then please call 01235 433900 or you can reach out to me via DM or at [email protected].
https://www.planet-it.net/wp-content/uploads/2021/01/Digital-Acceleration-01.png6281200James Dellhttps://www.planet-it.net/wp-content/uploads/2020/07/pitheaderlogo-margin.pngJames Dell2021-01-18 10:24:422021-01-18 10:24:42Digital Acceleration for businesses. Why 2020 was just the start
Project Management is a key skill and resource for any business. I think we can all agree on that. It’s a massive industry full of very clever people with accreditations, degrees and most using the latest, greatest software to make their difficult jobs a lot more streamlined and efficient.
Then why do so many projects fail or go so far over budget?
Go a little further, beyond focusing on project management in general, IT projects are notoriously difficult to plan, budget, execute and deliver within the expected timeframe.
The numbers behind these claims?
Almost 1/3 of IT projects go over budget, according to Forbes
1/5 overspend by an eye-watering 200%
Overspending is generally tied in with a schedule overrun, 70% longer on average
Only 2.5% of projects were completed totally successfully within the original scope, on-time and under budget, according to a PWC study of over 10,000 IT projects.
17% of failed projects threaten the survival of the business.
But what causes these failures? Is it the software? The goals? The approach? All of the above?
“Better software must be the answer?”
Let’s put that to bed straightaway. At Planet IT we are constantly approached by companies claiming to have the latest and greatest project management solutions that we can either use ourselves or re-sell to clients. Certainly, the right software package can make a job easier, but it’s a tool to use, nothing more.
“Should everyone be using SCRUM or AGILE techniques?”
Once again, these methods and techniques can help, but are like the software, not going to save your project.
“Unrealistic objectives, lack of set goals or milestones?”
Now you’re thinking along the right lines! It’s not necessarily the poor objectives, missing goals or even scope creep – it’s more the people that set the objectives and allow variance from the plan that’s the problem!
That’s right, projects struggle to succeed because of the people!
All of the software, tools and tricks are no substitute to a project delivered with proper processes, procedures, monitoring and communication, with a professional approach by an expert in that field.
You wouldn’t ask the best logistics PM to plan and execute an IT Project, just like you wouldn’t ask an IT PM to execute a skyscraper construction plan.
The problem isn’t that it’s an IT project. Complicated technology does not cause the shortfalls, it can be that the wrong people are operating and interacting with tech they cannot handle, poor SoW, Lack of information divulged by the internal project sponsor, senior people within the business changing the scope without understanding the process and the knock on affects, outside factors could even be business requirements change within the project delivery. It could be so many factors and so many reasons why a project can be delayed, changed, late or even fail. It all comes down to proven processes within the Project Management of each stage of the project and ensuring that the whole team fully understands and follows it.
Learning in Practice
Our IT project managers, as well as the top PM’s at other big IT companies, have years of experience behind them. They have delivered countless large and complex tasks. They have become proficient on the job, spending time in the trenches building that competence through actually doing it! They are recruited and nurtured due to their previous successful project experience, their leadership abilities, their communication skills, their ability to work in teams and the basic skills and competencies necessary to complete technology projects successfully.
Technology is constantly evolving. We hear that all the time. However, so too is the IT project manager. They grow with the latest tech, software, practices and executions. We regularly see (but rarely ask) our PM’s to complete training in their spare time. They live and breathe their work and thrive on being the best at delivering structured solutions to complex dilemmas.
At Planet IT, we’re very lucky that we are high level partners with the major technology vendors. It means we have access to new training as soon as it’s available. And to the experts who flourish on being the best… well, they feed on the knowledge that they are at the top of their industry and strive to prove it though delivering time and time again.
Communicate Clearly and in Time
Pair that technical expertise to the ability to communicate effectively and you’re looking at a very good IT Project Manager.
Some people are genius at what they do. However, sometimes they struggle to get a point across. IT experts often have a bad reputation for talking too technical to people not as technical as they are. It’s a reputation that is unfortunately earned for a reason. Points need to be shared business wide. There are going to be stakeholders that don’t have the expertise of others, but still need to understand how all cogs work together.
Building the right plan, with clear milestones and deliverables is essential. Having just that yet not sharing it succinctly is criminal. As is not sharing updates, wins and any hic-cups that might arise – because they often do, out of anyone’s control.
Unforeseen problems do occur throughout almost all projects, communicating in a timely fashion to the project sponsor, building in captures and following the process when something doesn’t quite go to plan. Change of scope is never good to hear however it’s better to communicate at the source and when the issue occurs rather than sitting on the problem, this helps drive a new albeit slightly different path for the Scope of Work at the earliest point rather than waiting for further problems or longer delays.
The Planet Difference
At Planet IT, we believe in the Planet difference: our experts’ abilities, determination and commitment to the project. They never leave a project unfinished and to always resolve the unexpected, wherever it occurs.
Good PM’s are here to lead the way, ensuring due process is followed and goals are achieved on budget, on time and as expected.
How do we do this?
✅ Strategy – Initial audits, research, and advice ✅ Design – Clear solution designs against business case ✅ Transition – Project approval through to project start and procurement ✅ Operation –Implementation and monitoring ✅ Improvement –Change management and client review
If you’d like to take a closer look at our process, we’re happy to offer a free walk through of our proven project formula for those companies looking at IT changes and might want a professional help – just send me an email to arrange – [email protected]
Similarly, if you’d like to read more about our work, check our our Project Management page or download our Skills Matrix:
Certainly, IT projects are difficult. There are lots of things that can be pointed out as the cause of failure:
Clear project process
Poorly defined scope
No use of formal methods & strategies
Lack of communication
No defined goals & milestones
Failure to track progress
Quick and Responsive to necessary changes
Lack of detail
… but what do all of these have in common? The people that deliver the project.
Start there. Get the right, qualified, experienced and proven people to run a project.
Do it right, the first time!
https://www.planet-it.net/wp-content/uploads/2020/12/IMG_7037-scaled.jpg17072560Nick Johnshttps://www.planet-it.net/wp-content/uploads/2020/07/pitheaderlogo-margin.pngNick Johns2020-12-07 09:49:512020-12-07 13:44:04Why do so many IT Projects struggle to complete on time and in budget?
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.