CCleaner Server Was Compromised in Early July

A server that distributed a malware-laced version of the PC utility CCleaner may have been compromised as early as the beginning of July, Avast revealed.
Two versions of the highly popular Windows maintenance tool (32-bit CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191) were modified to distribute information-stealing malware, and over 2 million users were impacted by the incident. The trojanized binary was released on August 15 and went undetected for roughly four weeks.
CCleaner is developed by Piriform, which was acquired by anti-virus company Avast in July 2017. After news of the infected installer broke on Monday, Avast stepped forward to clarify that the compromise most likely began before the acquisition closed.
“Before we completed the acquisition, the bad actors were likely already in the process of hacking into the Piriform systems. The compromise may have started on July 3rd. The server was provisioned earlier in 2017 and the SSL certificate for the respective https communication had a timestamp of July 3, 2017,” an Avast blog post signed by Vince Steckler, CEO, and Ondrej Vlcek, CTO and EVP Consumer Business, reads.
The company also disclosed that it was warned of the infection by security firm Morphisec, which says it first encountered the malicious CCleaner installations on Aug. 20. However, it was only on Sept. 11 that Morphisec received logs from some of its customers and could start an investigation.
On Sept. 12, Morphisec warned Avast of the infection, and the latter was able to resolve the issue within 72 hours. By Sept. 15, the command and control server that the malware was contacting had been taken down and Piriform had already released a clean version of CCleaner.
Avast also claims that no actual harm was done to the impacted computers, despite the fact that 2.27 million users downloaded the infected application release, as the final payload in this attack never activated.
“About 30% of CCleaner users also run Avast security software, which enables us to analyze behavioral, traffic and file/registry data from those machines. Based on the analysis of this data, we believe that the second stage payload never activated, i.e. the only malicious code present on customer machines was the one embedded in the ccleaner.exe binary,” the company says.

CCleaner v5.34 and CCleaner Cloud v1.07.3214 have been released without the malicious code inside, and Avast says that only around 730,000 users are still running the affected version 5.33.6162 on their systems. The free CCleaner variant doesn’t include automatic updates, meaning that users need to manually download and install the clean version.
“We deeply understand the seriousness of the situation, as we do with all security threats. We regret the inconvenience experienced by Piriform’s customers. We plan to be issuing more updates on this as we go. We have made it our highest priority to properly investigate this unfortunate incident and to take all possible measures to ensure that it never happens again,” Avast also says.
Affected users are advised to update to the latest versions of CCleaner as soon as possible, to remove any malicious code from their computers.
Related: Millions Download Maliciously Modified PC Utility
Related: Avast Acquires CCleaner Developer Piriform 
Siemens’ New ICS/SCADA Security Service a Sign of the Times

Major ICS/SCADA vendors are entering the managed security services business with cloud-based offerings for energy and other industrial sectors.

It’s been seven years since the game-changing Stuxnet worm was unearthed and thrust the industrial control sector into a new reality, one where cyberattacks could sabotage even air-gapped physical plant operations.
Siemens, whose process control systems were targeted in the attack that ultimately sabotaged centrifuges in the Natanz nuclear facility in Iran, was among the first of the traditional ICS/SCADA vendors in the wake of Stuxnet to step up and build secure software development programs as well as roll out new products with built-in security features.
Now meet the next big thing for Siemens and other major ICS/SCADA equipment vendors: managed security services. Siemens today expanded its existing network monitoring and security services with anomaly detection technology from PAS that monitors all brands of industrial and computing equipment on a plant network, not just Siemens’ own.
Leo Simonovich, vice president for global cyber security for Siemens, says the newly enhanced managed security service – which includes monitoring, incident response, and management – is just the beginning, with more features on the horizon. The network monitoring capability in Siemens’ service that launched earlier this year comes via its partnership with Darktrace.
“We have a vision to bring the best of breed technologies together” for visibility of OT [operational technology] networks, Simonovich says. “That means we have to monitor the network, monitor the control layer, and the assets themselves, like turbines,” for example, he says.
“Control-level coverage solves a core problem for customers: they can’t protect what they can’t see.”
It’s been a long road for Siemens since Stuxnet. In the worm’s wake, the company doubled down on patching its older, flaw-ridden ICS/SCADA software, launched an internal CERT, and focused on secure software development. In 2012, Siemens launched a new generation of ICS systems with built-in firewall and virtual private network features, the Simatic CP and Scalance communications processors, as well as a new secure router.
“Unfortunately, we were hit by Stuxnet, and since then our journey has been to more secure products” as well as security service offerings “irrespective of the vendor. That’s what our customers are asking of us,” Simonovich says.
Some of its counterparts also are expanding into cloud-based security services for ICS/SCADA operations. Rockwell Automation late last week launched new threat detection services that include features similar to what Siemens is now offering: real-time monitoring as well as asset management. The ICS/SCADA vendor built the service with threat-detection software from startup Claroty.
Schneider Electric offers a cybersecurity protection service that automatically updates Schneider’s products as well as third-party operating systems and endpoint security products with patches.
Security experts expect more of these traditional large ICS/SCADA vendors to roll out managed security service offerings, as the industrial sector faces new and more advanced threats that many of these organizations have neither the expertise nor the experience to thwart.
Dale Peterson, founder and CEO of ICS firm Digital Bond, has been watching major ICS/SCADA vendors start to build more secure products since Stuxnet’s discovery. Cloud services from these vendors could be the next trend, he notes, as these vendors look for new sources of revenue.
OT: Security Newbies
Many industrial, aka operational technology (OT), teams are still new to cybersecurity. “For many of them, OT is the core focus on operations of that plant. Cybersecurity is not their day-to-day job,” Siemens’ Simonovich says. That’s where Siemens hopes to step in with its managed security services, he says.
Not unlike IT’s challenge, staying on top of all of the devices and software configurations and updates in an OT network has made these plant networks more vulnerable to attack.
Human error accounts for 70% of incidents in the OT environment, says Eddie Habibi, founder and CEO of PAS. “These systems are wide open to external attacks as well as internal human error,” he says, which ups the ante for better visibility and management of them.

PAS’s technology includes asset discovery and inventory, patch management, vulnerability assessment and recovery, and configuration and change management control, he notes, as well as analytics and visualization of all types of vendors’ systems.
Proprietary ICS/SCADA systems not only are engineered differently, but often configured specifically for a certain plant environment based on operational performance requirements and other parameters, notes Siemens’ Simonovich. “That’s been a hard nut to crack,” he says. “The network-level monitoring doesn’t tell you if a PLC is behaving in a particular way to turn on or off a valve, for example,” he says. That’s something PAS’s technology and Siemens’ analytics features do via the new security service, he notes.
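Simonovich’s point about control-level visibility can be made concrete with a small monitor that inspects the actual commands sent to a PLC rather than only which hosts talk to it. The following is an added example, not code from Siemens, PAS or the article. It assumes the plant exposes PLC coils and registers over Modbus/TCP (the article names no protocol), and the policy (which engineering workstation may write which point, which points are locked), the IP addresses and the captured frames are all constructed for the demonstration.

```python
import struct

# Modbus/TCP function codes that change process state (assumption: this plant
# exposes PLC coils and registers over Modbus/TCP; the article names no protocol).
WRITE_FUNCTIONS = {
    0x05: "write_single_coil",
    0x06: "write_single_register",
    0x0F: "write_multiple_coils",
    0x10: "write_multiple_registers",
}


def build_frame(tid, unit, function, pdu):
    """MBAP header (transaction id, protocol id 0, length, unit id) + function code + PDU."""
    return struct.pack(">HHHB", tid, 0, 2 + len(pdu), unit) + bytes([function]) + pdu


def write_single_coil(tid, unit, addr, on):
    return build_frame(tid, unit, 0x05, struct.pack(">HH", addr, 0xFF00 if on else 0x0000))


def write_single_register(tid, unit, addr, value):
    return build_frame(tid, unit, 0x06, struct.pack(">HH", addr, value))


def write_multiple_coils(tid, unit, start, count, data):
    return build_frame(tid, unit, 0x0F, struct.pack(">HHB", start, count, len(data)) + data)


def read_holding_registers(tid, unit, start, count):
    return build_frame(tid, unit, 0x03, struct.pack(">HH", start, count))


def parse_modbus_tcp(frame):
    """Return unit, function code and the addresses a write request touches."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol id must be 0 for Modbus/TCP")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    function, pdu = frame[7], frame[8:]
    info = {"transaction": tid, "unit": unit, "function": function, "addresses": []}
    if function in (0x05, 0x06):
        addr, value = struct.unpack(">HH", pdu[:4])
        info["addresses"], info["value"] = [addr], value
    elif function in (0x0F, 0x10):
        start, count = struct.unpack(">HH", pdu[:4])
        info["addresses"] = list(range(start, start + count))
    return info


def check_write(src_ip, frame, policy):
    """Alert on writes from hosts not cleared for that point, and on any write to a locked point."""
    info = parse_modbus_tcp(frame)
    name = WRITE_FUNCTIONS.get(info["function"])
    if name is None:
        return []  # reads do not change plant state; a network monitor already sees who talks
    alerts = []
    for addr in info["addresses"]:
        point = (info["unit"], addr)
        if src_ip not in policy["writers"].get(point, set()):
            alerts.append(f"unit {point[0]} addr {addr}: {name} from unauthorized {src_ip}")
        if point in policy["locked"]:
            alerts.append(f"unit {point[0]} addr {addr}: write to locked point by {src_ip}")
    return alerts


def audit(capture, policy):
    return [alert for src_ip, frame in capture for alert in check_write(src_ip, frame, policy)]


# Constructed policy: only the engineering workstation may toggle valve coils 10 and 11 on
# unit 1; register 100 (say, a safety interlock setpoint) must never be written over the network.
POLICY = {
    "writers": {(1, 10): {"10.0.0.5"}, (1, 11): {"10.0.0.5"}},
    "locked": {(1, 100)},
}

# Constructed traffic: (source IP, raw Modbus/TCP request).
CAPTURE = [
    ("10.0.0.5", write_single_coil(1, 1, 10, True)),            # permitted
    ("10.0.0.20", write_single_coil(2, 1, 10, False)),          # HMI is not cleared to write
    ("10.0.0.5", read_holding_registers(3, 1, 0, 8)),           # a read, ignored
    ("10.0.0.5", write_single_register(4, 1, 100, 0)),          # locked point
    ("10.0.0.20", write_multiple_coils(5, 1, 10, 2, b"\x03")),  # two coils, both unauthorized
]

if __name__ == "__main__":
    for line in audit(CAPTURE, POLICY):
        print(line)
```

A passive network monitor would report all five frames as ordinary Modbus traffic between known hosts; only decoding the function code and target address shows that three of them change plant state in ways the policy forbids. In a real deployment the policy would be generated from the engineering project files rather than typed by hand, and the frames would come from a span port or the PLC’s own logs.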
Meanwhile, anomaly detection vendors and products for the ICS/SCADA realm have exploded over the past year or so, with some 20-plus vendors crowding this space, notes Digital Bond’s Peterson, who has tracked them. It’s unclear whether industrial operators will go with these third-party vendors or their traditional ICS/SCADA vendors, he says.
“How successful [traditional ICS/SCADA vendors] will be is too early to know,” Peterson says.
“Do you pick an ICS vendor or a traditional monitoring vendor, or some new specialized ICS monitoring vendor?” he says. “That’s a harder choice” for operators than choosing ICS/SCADA equipment vendors, he says. “A lot of times smaller vendors have more expertise because it’s all they do but they don’t have access to … who engineered those [ICS/SCADA] products,” for example, he says.
Related Content:
Stuxnet Five Years Later: Did We Learn The Right Lesson?
Stuxnet, The Prequel: Earlier Version Of Cyberweapon Discovered
Anatomy Of A ‘Cyber-Physical’ Attack
Stuxnet’s Earlier Version Much More Powerful And Dangerous, New Analysis Finds
Low-cost tools making cybercrime more accessible: SecureWorks

Malware as a service, along with the affordability of spam botnets, is providing criminals with a low barrier of entry into the cybercrime space, a report from SecureWorks has said.
In 2017 State of Cybercrime: Exposing the threats, techniques and markets that fuel the economy of cybercriminals, the SecureWorks Counter Threat Unit explained that less experienced hackers can purchase information-stealing malware at reasonably low prices, which has broadened the pool of people able to conduct malicious activity online.
“The internet underground is thriving with ready-to-purchase malware. In underground forums, inexperienced or less-skilled cybercriminals are able to purchase information-stealing malware for reasonably low prices, typically in the form of pre-compiled binaries or premium builder kits that enable attackers to custom configure their own binaries,” the report explains.
Similarly, spam botnets, labelled the most frequently used method for the distribution of all “wares” by SecureWorks, are readily available for a low cost to budding cybercriminals.
“Today, cybercriminals can tap into large botnets to increase the spread of their spam exponentially, a product that can be thought of as ‘spam as a service’,” the report says.
As one example, the report says one large spam botnet, Kelihos, charged as little as $200 per million emails sent for pharmaceutical and counterfeit-goods messages.
Personal information remains a popular commodity, SecureWorks said, with tested and verified credit card data available in some cases for as little as $10, and highly detailed personal information records also offered for as low as $10.
In total, the report details 11 key findings based on the company’s research. Alongside the WannaCry and Petya outbreaks and the business email compromise (BEC) threat, which accounted for $5 billion in losses globally between October 2013 and December 2016, SecureWorks highlighted that online crime is a market economy in its own right.
The global financial toll of cybercrime is difficult to quantify, but, pointing to a report from the US Federal Bureau of Investigation (FBI), SecureWorks said internet crime led to losses in excess of $1.3 billion in 2016.
The report from SecureWorks labelled the online criminal landscape as one that is complex and composed of actors with a diverse range of capabilities.
As defined by SecureWorks, the underground internet is the collection of forums, digital shop fronts, and chat rooms that cybercriminals use to form alliances, trade tools, and techniques, and sell compromised data that can include banking details and personally identifiable information, as well as anything else.
However, SecureWorks concedes that the full extent of cybercrime is not visible solely through this window.
“Lucrative online criminality is run like a business, controlled by organised crime groups who are focused on minimising risk and maximising profit,” the report says. “Such groups have considerable reach, will often be active in other areas of more traditional criminality, and, when necessary, will employ the services of other professional criminals who specialise in certain areas, such as moving money or goods around the world.”
With money in tow, cybercrime organisations are often able to scoop up security talent before the good guys can employ them. This has created an underground job market that SecureWorks said mainly requires skills in malware writing, inject writing, data processing, network and sysadmin, and network exploitation, as well as vendors to perform exploit kit loading.
Money muling, in which a “middleman” receives stolen funds or goods and passes them on, knowingly or unknowingly, to the cybercriminal, also continues to be a valuable component of the online criminal landscape, the report explained.
SecureWorks also said the perceived gap between criminality and nation states, in terms of both actors and capabilities, will continue to shrink, pointing to the $81 million Bangladesh heist — and the criminals’ links with North Korea — as its example.
DigitalOcean Warns of Vulnerability Affecting Cloud Users

DigitalOcean is warning customers that some 1-Click applications running MySQL have an account with the same default password across all instances, and the company says the issue affects other cloud providers as well.
DigitalOcean customers reported on social media that they received an email recommending that they run a script to determine if their Droplets – the name used by the company for its cloud servers – are affected by the vulnerability.
The company allows its users to deploy pre-built and pre-configured applications with only one click. The list of 1-Click (One-Click) applications includes Node.js, Rails, Redis, MongoDB, Docker, GitLab, Magento and many others.
DigitalOcean discovered that 1-Click applications running MySQL on Debian and Ubuntu create a MySQL user named “debian-sys-maint” that has the same password on all Droplets created from a 1-Click image.
The “debian-sys-maint” user is designed for local administration purposes and it should have a random password. However, due to a bug, all instances of an application created from the same 1-Click image have the same password.

DigitalOcean said the vulnerability, which is “potentially remotely exploitable,” affects MySQL and several other applications that use MySQL, including PHPMyAdmin, LAMP, LEMP, WordPress and OwnCloud.
“We will be issuing a public notice regarding this issue, but first wanted to ensure our impacted users had time to take action,” the company said in its email to customers. “As part of our verification process, we have discovered that images on other cloud providers also have this mis-configuration.”
DigitalOcean has provided a script that allows users to determine if their Droplets are affected and updates their password if needed. The script works on Ubuntu 14, 16 and 17, and Debian 7 and 8; Debian 9 is not impacted.
Customers who have changed the password for the “debian-sys-maint” user after installation of a 1-Click app are not affected by the flaw and they don’t need to take any action.
“We have changed our 1-Clicks to ensure that all future Droplets will have unique, auto-generated passwords for this user,” DigitalOcean said.
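DigitalOcean’s own script is not reproduced here. As an added example, not the company’s script, the following Python shows the two things an operator with several Droplets would want to do: detect that hosts share the same debian-sys-maint credential by comparing fingerprints of their /etc/mysql/debian.cnf files, and produce both the SQL statement and the rewritten cnf for a rotation. The sample cnf text, host names and passwords are constructed; the file layout follows the Debian packaging’s debian.cnf format.

```python
import configparser
import hashlib
import io
import secrets
import string

# Constructed stand-in for /etc/mysql/debian.cnf as shipped in a cloned image.
SAMPLE_DEBIAN_CNF = """\
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = SamePasswordOnEveryDroplet
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host     = localhost
user     = debian-sys-maint
password = SamePasswordOnEveryDroplet
socket   = /var/run/mysqld/mysqld.sock
basedir  = /usr
"""


def parse_debian_cnf(text):
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep option names exactly as written
    cp.read_string(text)
    return cp


def credential_fingerprint(cnf_text):
    """Digest of user:password so hosts can be compared without moving the secret around."""
    client = parse_debian_cnf(cnf_text)["client"]
    return hashlib.sha256(f"{client['user']}:{client['password']}".encode()).hexdigest()[:16]


def find_shared_credentials(fleet):
    """fleet: {hostname: debian.cnf text}. Returns groups of hosts sharing one credential."""
    groups = {}
    for host, text in fleet.items():
        groups.setdefault(credential_fingerprint(text), []).append(host)
    return sorted(sorted(hosts) for hosts in groups.values() if len(hosts) > 1)


def generate_password(length=32):
    # Letters and digits only, so neither the cnf value nor the SQL literal needs escaping.
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def sql_literal(value):
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"


def rotation_plan(cnf_text, new_password=None, legacy_server=False):
    """Return (SQL to run as the MySQL root user, rewritten cnf text).
    legacy_server selects the pre-5.7 SET PASSWORD syntax, e.g. for MySQL 5.5 on Ubuntu 14.04."""
    cp = parse_debian_cnf(cnf_text)
    user = cp["client"]["user"]
    host = cp["client"].get("host", "localhost")
    new_password = new_password or generate_password()
    for section in cp.sections():
        if cp.has_option(section, "password"):
            cp[section]["password"] = new_password
    account = f"{sql_literal(user)}@{sql_literal(host)}"
    if legacy_server:
        sql = f"SET PASSWORD FOR {account} = PASSWORD({sql_literal(new_password)});"
    else:
        sql = f"ALTER USER {account} IDENTIFIED BY {sql_literal(new_password)};"
    out = io.StringIO()
    cp.write(out)  # comments from the original file are not preserved by configparser
    return sql, out.getvalue()


if __name__ == "__main__":
    fleet = {"web-1": SAMPLE_DEBIAN_CNF, "web-2": SAMPLE_DEBIAN_CNF}
    print("hosts sharing a debian-sys-maint credential:", find_shared_credentials(fleet))
    sql, _ = rotation_plan(SAMPLE_DEBIAN_CNF)
    print(sql)
```

Order matters when applying the plan on a live host: run the SQL first, while the old credential in the file still works for the maintenance scripts, then write the new cnf and restrict it to root (mode 0600). The same fleet comparison is worth running against any other secret an image bakes in, since the root cause here is not MySQL-specific: anything generated at image-build time instead of first boot is identical on every clone.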
Related Reading: Cloudflare Leaked Sensitive Customer Data
Related Reading: Oracle Improves Cloud Security Offering
Related Reading: Cloud Security Firm ShieldX Emerges From Stealth
New York Pushes to Regulate Credit Agencies After Equifax Breach

New York Governor Andrew Cuomo announced on Monday plans to make credit reporting firms comply with the 23 NYCRR 500 cybersecurity regulations enacted earlier this year. The move is in response to the massive Equifax breach disclosed on September 7, 2017.

“In response to the recent cyberattack that exposed the personal private data of nearly 150 million consumers nationwide, Governor Andrew M. Cuomo today directed the Department of Financial Services to issue new regulation requiring credit reporting agencies to register with New York for the first time and comply with this state’s first-in-the-nation cybersecurity standard,” says the statement.
“A person’s credit history affects virtually every part of their lives and we will not sit idly by while New Yorkers remain unprotected from cyberattacks due to lax security,” Governor Cuomo said. “Oversight of credit reporting agencies will help ensure that personal information is less vulnerable to cyberattacks and other nefarious acts in this rapidly changing digital world. The Equifax breach was a wakeup call and with this action New York is raising the bar for consumer protections that we hope will be replicated across the nation.”
In the proposed new regulation (PDF), Maria T. Vullo, Superintendent of Financial Services, makes it clear that her department has been monitoring ‘the deficient practices’ of credit reporting companies (such as Equifax, Experian and TransUnion). She cites failure to safeguard consumer data, failure to maintain accurate data, and failure to investigate alleged inaccuracies.
Her proposed solution is to require the credit companies to register with the DFS, to comply with certain prohibited practices, and to comply with the regulations introduced in DFS 500. Failure to comply with this new regulation (23 NYCRR 201) could lead to the revocation of the credit company’s authorization to do business with New York’s regulated financial institutions and consumers — effectively making it impossible to carry on.
“The data breach at Equifax demonstrates the necessity of strong state regulation like New York’s first-in-the-nation cybersecurity actions,” said Financial Services Superintendent Maria T. Vullo. “This is one necessary action of several that DFS will take to protect New York’s markets, consumers and sensitive information from criminals.”
It is thought that 8 million New Yorkers may be affected by the Equifax breach.
‘First-in-the-nation’ is how New York describes the DFS 500 regulation. Its two key requirements are that regulated companies (covered entities) must employ a chief information security officer, and that they must deliver an annual cybersecurity report signed off by the board with a certification document to the DFS. The CISO “shall report in writing at least annually to the Covered Entity’s board of directors or equivalent governing body.” This will effectively be a statement on how the regulation is implemented, including details on ‘material Cybersecurity Events’.
The process effectively makes the DFS the final arbiter on the adequacy of the regulated companies’ cybersecurity policies; and the new proposal brings credit reporting agencies in line with the requirements for the regulated financial services organizations.
The proposed new regulation also introduces a new range of prohibitions on credit reporting agencies designed to protect consumers. These prohibit “any unfair, deceptive or predatory act or practice toward any consumer…  violation of section 1036 of the Dodd-Frank Wall Street Reform and Consumer Protection Act…” and “Making any false statement or make any omission of a material fact in connection with any information or reports filed with a governmental agency or in connection with any investigation conducted by the superintendent or another governmental agency.”
Cuomo makes it clear that he hopes that other states will follow with their own similar regulations on credit companies. This puts New York state in direct opposition to the perceived federal preferences of the Trump administration — which would prefer to ease regulatory restrictions on business. Cuomo believes that tighter regulations are required to protect consumers, rather than looser regulations to promote business.
The new regulation will likely be subject to a public comment period. However, under the current proposal, credit reporting agencies will be required to register with the DFS by February 1, 2018, and annually thereafter. The DFS 500 cybersecurity regulation will need to be implemented on a staggered basis, but the credit companies will need to be in full compliance by October 4, 2019.
74% of IT leaders say security concerns restrict the move to public cloud

Cloud computing security remains a concern for organizations of all kinds. The cloud is elastic and can cut costs considerably, but the current shortage of adequate security mechanisms, including monitoring of performance and reliability, has slowed rapid migration to it.


How Apple’s New Facial Recognition Technology Will Change Enterprise Security

Expect a trickle-down effect, as tech similar to Face ID becomes offered outside of Apple.

Apple’s new Face ID technology promises a security revolution for iPhone users, and it also promises to change all of enterprise security, eventually. While Face ID’s primary audience consists of consumers who buy iPhones, Apple has created a new paradigm for security with a safer, faster authentication system. Similar technology eventually will filter down to devices of all kinds and enable organizations to provide their employees and customers with more secure experiences, protecting their data and keeping cybercrooks at bay.
Face ID, introduced by Apple at its product launch on September 12, is a major advance in biometric authentication, both over the Touch ID (fingerprint) authentication that Apple devices have used until now and over other facial recognition systems. Apple says Face ID is so accurate that the probability of a random person’s face unlocking your phone is 1 in 1,000,000, compared with 1 in 50,000 for Touch ID. Face ID bests other facial recognition systems as well; it’s the first consumer-oriented 3-D facial recognition system, beating out systems in devices such as Samsung’s Galaxy S8 and Note8, which are 2-D recognition systems.
Face ID will certainly prove sufficient for organizations to use as a way to “prove” that a device is in its owner’s hands; note that the match happens on the device and an app only receives a pass/fail result, never the face data itself. Today, however, many organizations, often because of regulations (for instance, for apps that can access customer account information) or at least as a matter of best practice, require two-factor authentication. For most of them, that means a password (something the user knows) to activate an app or log in to a website from a mobile device, coupled with a second factor such as a biometric like a fingerprint (something the user is), or a one-time code sent by text message to the user’s device that must be entered into the site or app (something the user has).
The fact that Face ID is superior to passwords as an authentication method should come as no surprise. The vast majority of major data breaches in recent years (think Sony, Target, major banks, etc.) involved compromised login data and stolen passwords. According to Verizon’s Data Breach Investigations Report, more than four out of five hacking-related breaches leveraged stolen or weak credentials; it makes little sense to guard sensitive data with such a weak method when a far stronger one protects the device itself.
That’s why, I believe, Face ID will be the catalyst that sets off a real revolution in data authentication. If Apple can implement such a strong authentication method for its devices, organizations will be searching for something at least as strong to authenticate their data on all devices out there that don’t use Face ID. 
The fastest-growing solution for user authentication in enterprises is phone authentication, in which a mobile device — instead of a hardware token or a password — is used as an authenticator. Organizations that have sought higher levels of security have already ditched passwords, turning instead to authentication systems based on devices, which are considered more secure than passwords and, for an increasing number of organizations, their primary authentication method in a two-factor authentication scheme. 
Seeking better security, more organizations will increasingly dump passwords for device authentication, a system that can be used on any mobile device; the greater security provided by Face ID will, I believe, inspire many organizations to reconsider how they approach authentication, and opt for something more secure, even on devices other than the newest iPhones. 
Fingerprints have often been used as a second factor in a two-factor scheme, but now that second factor has gotten a major upgrade, two-factor authentication based on devices and used with Apple devices that support Face ID will present a formidable challenge — enough to discourage hackers from even trying to breach an Apple device. While Face ID currently is strictly limited to some Apple devices, it’s just a matter of time until 3-D face recognition as an authentication method trickles down to the rest of the industry, as the industry follows in the path of market leader and innovator Apple. 
Combining proven device authentication systems with Face ID truly is a game changer — a revolution, even — and companies seeking to improve their security systems are going to be very attracted to this winning combination. Long live that revolution, I say. 
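The “device as authenticator” flow the author describes reduces to a challenge-response exchange: the server issues a one-time nonce, the device answers only after the local biometric check passes, and the server verifies the answer against the key enrolled for that device. The following is an added example, not Apple’s design or any vendor’s code. It uses an HMAC shared key in place of the asymmetric key pair a Secure Enclave would hold (Python’s standard library has no asymmetric primitives), the biometric gate is a simulated boolean, and the device identifiers and clock values are constructed.

```python
import hashlib
import hmac
import secrets


def compute_response(key, device_id, nonce):
    # Binding the device id into the MAC stops a response being replayed for another device.
    # Assumption: HMAC-SHA256 over a shared key stands in for a Secure Enclave signature.
    return hmac.new(key, f"{device_id}:{nonce}".encode(), hashlib.sha256).hexdigest()


class AuthServer:
    """Relying party: knows one key per enrolled device and hands out single-use challenges."""

    def __init__(self, ttl_seconds=60):
        self.ttl = ttl_seconds
        self.device_keys = {}  # device_id -> key (constructed stand-in for a registered public key)
        self.pending = {}      # nonce -> (device_id, expires_at)

    def enroll(self, device_id, device_key):
        self.device_keys[device_id] = device_key

    def issue_challenge(self, device_id, now):
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (device_id, now + self.ttl)
        return nonce

    def verify(self, device_id, nonce, response, now):
        entry = self.pending.pop(nonce, None)  # pop: a nonce can be answered exactly once
        if entry is None or response is None:
            return False
        expected_device, expires_at = entry
        if expected_device != device_id or now > expires_at:
            return False
        key = self.device_keys.get(device_id)
        if key is None:
            return False
        return hmac.compare_digest(compute_response(key, device_id, nonce), response)


class Device:
    """Authenticator: releases a response only after the local biometric check passes."""

    def __init__(self, device_id, key):
        self.device_id = device_id
        self._key = key

    def respond(self, nonce, biometric_match):
        if not biometric_match:
            return None  # user not recognised: nothing leaves the device
        return compute_response(self._key, self.device_id, nonce)


def login_flow(server, device, now, biometric_match=True):
    """One complete exchange; returns (nonce, accepted)."""
    nonce = server.issue_challenge(device.device_id, now)
    response = device.respond(nonce, biometric_match)
    return nonce, server.verify(device.device_id, nonce, response, now + 1)


def enrolled_pair(device_id="iphone-alice"):
    key = secrets.token_bytes(32)  # constructed: would be generated inside the Secure Enclave
    server = AuthServer()
    server.enroll(device_id, key)
    return server, Device(device_id, key)


if __name__ == "__main__":
    server, phone = enrolled_pair()
    print("accepted:", login_flow(server, phone, now=1_000)[1])
```

The properties worth checking in any such scheme are visible in the code: a challenge is consumed when answered, so a captured response cannot be replayed; a challenge expires; a response is bound to the device it was issued to; and a failed biometric produces no response at all rather than a weaker one. With a real Secure Enclave key the server would store only the public key, so a server breach yields nothing that can impersonate the device.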
Related Content:
10 Ways to Prevent Your Mobile Devices From Becoming Bots

Workplace IoT Puts Companies on Notice for Smarter Security
GoT & the Inside Threat: Compromised Insiders Make Powerful Adversaries