https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Security Central: UK Faces Cybersecurity Fines, NotPetya Strikes Europe

  • Written by Allison Francis
  • September 21, 2017
This week’s Security Central takes a peek inside the UK’s new cybersecurity approach, explores the NotPetya malware, and takes a look at new research from Netsparker.

Organizations in the UK could now face serious consequences for having cracks in their cybersecurity armor. According to The Guardian, the British government has proposed penalties as a ‘last resort’ for companies that are failing to properly assess risks and prevent damage from hacks. Organizations could face fines of up to £17m if they fail to take measures to prevent cyber-attacks that could result in major disruption to services such as transport, health or electricity networks.

However, the proposals, which were officially launched on Tuesday, state that financial penalties won’t be an issue iforganizations can prove they did an thorough-enough job assessing the risks in the face of an attack.

This new form of crackdown stems from several recent large-scale attacks. The WannaCry virus sparked the movement/idea, which was then rocketed to the forefront after a major IT failure at British Airways left 75,000 passengers stranded and cost the airline a whopping £80m (although the company blamed a power supply issue rather than admitting a cyber-attack). 

The proposals will also require companies to show what action they are taking to reduce the risks. “We want the UK to be the safest place in the world to live and be online, with our essential services and infrastructure prepared for the increasing risk of cyber-attack and more resilient against other threats such as power failures and environmental hazards,” states digital and culture minister Matt Hancock.

The consultation is set to be implemented on May 2018, and is part of a £1.9bn national cyber-security strategy. Other organizations have chimed in, saying that they want to see a giant push forward in the detection of attacks, developing security monitoring and raising staff awareness, as well as immediate reporting of incidents and ensuring that the proper systems are in place for recovery.

Ciaran Martin, the chief executive of the National Cyber Security Centre, joins the large pool of experts touting the importance of organizations needing to do more to increase cybersecurity. “The NCSC is committed to making the UK the safest place in the world to live and do business online, but we can’t do this alone,” Martin said. “Everyone has a part to play and that’s why since our launch we have been offering organizations expert advice on our website and the government’s Cyber Essentials Scheme.”

Our second story takes a look at the recent malware outbreak strikes Europe. Large banks, law firms, shipping companies and even the Chernobyl nuclear facility in the Ukraine were affected. Hackers exploited the EternalBlue vulnerability in older Microsoft Windows systems to rapidly spread malware.
 
The culprit? The NotPetya ransomware campaign, a variant of the malware Petya. Timothy Crosby, Senior Security Consultant for Spohn Security Solutions, says that the NotPetya attack was very much a horse of a different color, and an even greater cause for alarm than the WannaCry epidemic. Why? While motivation behind WannaCry was merely financial, NotPetya exists solely to create chaos and destruction.

“This Petya variant makes system restoration nearly impossible for those infected,” says Crosby. “Here’s the rub. Malware is growing increasingly sophisticated to the point that it’s virtually impossible to detect using standard cyber security protocols. NotPetya is just the beginning – cyber security teams must remain vigilant to detect and avoid attacks.”

Crosby says that to safeguard a network, businesses must identify potential vulnerabilities through an information security risk assessment. With a rapidly changing cybercriminal landscape, static assessments, stale employee training and protocols will not keep up with the dynamics of cyber security today.

Here are a few suggestions Crosby has for tightening up processes and systems:

Security teams should monitor for aberrant and unexpected behavior, such as accounts being used at odd hours, at multiple locations or while on vacation.
Businesses should employ a host of protection programs that notify personnel when a threat exists, such as Security Information and Event Management (SIEM) systems that automatically aggregate events and alerts based on anomalous activity.
Our last story of the week examines new research from the cybersecurity experts at Netsparker. The research gives insight into what web developers believe is the most susceptible to hacking and how it continues to happen. To give you an idea, sixty-one percent of developers think the government is vulnerable to hacking, and more than half think smart home technologies are a cybersecurity risk. Yeesh.

The main theme here, if you haven’t guessed it already, points to the Internet of Things (IoT). This is increasingly becoming a huge issues, especially as hackers are getting more cunning and sophisticated. Who would have thought we’d live in an age where someone could potentially hack your refrigerator (Smart House flashbacks anyone?)?

Developers think that new IoT driven technologies are indeed the most vulnerable. The rundown is as follows:

  • Smart TVs – 42 percent
  • Web apps and online services – 41 percent
  • Connected cars – 35 percent
  • ATMs – 34 percent

Additionally, when asking about cybersecurity in the boardroom, experts believe that the two biggest culprits are lack of IT understanding and budget (57 percent for both), followed by an absence of concern (39 percent) and the fact that cybersecurity is complicated to understand (30 percent).

“Because of recent election-related events, it’s not surprising that developers and IT professionals have so little confidence in the ability of governments to prevent hacking,” said Netsparker CEO Ferruh Mavituna. “But the reality is that all organizations and enterprises should take precautions to prevent data breaches.”

For more of a deep dive into the survey results and recommendations on how best to secure application software, visit www.netsparker.com.

The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Security Technologies

Related


  • Partner program gears
    Pluribus Networks Launches Expanded, Simplified Partner Program
    The expanded program shifts from four to two tiers to simplify engagement.
  • New Direction
    Spectra Logic’s New Partner Program Reflects Vendor’s New Direction
    The vendor says changes to how partners approach the market are behind recently announced updates to its partner program.
  • Security Merger
    Thycotic-Centrify Merger Poses Potential Threat to PAM Leader CyberArk
    PAM technology is more relevant than ever with widespread remote work.
  • Depiction of a supply chain
    Full-Stack ICT Supply Chain Ownership Becoming a Thing of the Past
    To own or not to own? Supply chain model changes bring new players to the forefront.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Microsoft Integrates Dynamics 365 and Teams, Reveals New Features
  • Microsoft Exchange Server Zero-Day Exploit Could Have Thousands of Victims
  • Multi-Cloud: Strategy or Inevitable Outcome? (or both?)
  • Channel Partners Virtual Wraps — See You In Person at CP Expo Homecoming

Galleries

View all

From The Second City: How to Use Improv as a Business Tool

March 3, 2021

Industry Perspectives

View all

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021
  • 1

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Chinese hacker group #HAFNIUM exploits critical @MSFTExchange Server vulnerability, could impact thousands.… twitter.com/i/web/status/1…

March 7, 2021
ChannelFutures

Our latest #Cybersecurity Roundup highlights #CPVirtual, @Huntresslabs, @Entrust_Corp and @InsightEnt.… twitter.com/i/web/status/1…

March 5, 2021
ChannelFutures

RT @Channel_Expo: A HUGE thank you to our amazing #CPVirtual sponsors and exhibitors! 👏 @ATTBusiness @DellTech @8x8 @lumentechco @telarus @…

March 5, 2021
ChannelFutures

.@okta acquiring rival @auth0 in $6.5 billion all-stock transaction. #security dlvr.it/Rtzwdp https://t.co/4LvHCJuwsR

March 4, 2021
ChannelFutures

.@MicrosoftTeams features are coming to @MSFTDynamics365, the company announced at @MS_Ignite. #MicrosoftIgnite… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@PreciselyData acquired by Clearlake Capital, @TAAssociates. #digitaltransformation dlvr.it/RtzbKg https://t.co/1rNYnTScxq

March 4, 2021
ChannelFutures

Thanks for attending #CPVirtual. Here's a Day 3 wrap and a look ahead to #CPExpo Homecoming in November!… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@Veeam announces six annual Impact Partner Awards, with @SHI_Intl, @LogicalisUS, more. #cloud… twitter.com/i/web/status/1…

March 4, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X