Finance a Hacker


Knowing and reading everyday all over the internet that some hackers making millions of dollar by hacking your company and steal your precious data and use this for their own benefit is actually financing the hacker, that is why I used the title of this topic “Finance a Hacker” and the funny thing is that you are not even aware of this most of the times!!! You could however avoided this a long time ago but than there is Procurement…

Consequences and lack of technical knowledge from Procurement

Let me briefly explain how this all is working. Say you have a mayor player in the IT service provider field not mentioning any name here. First of all there is a request from IT that wants to implement some security solution company wide. They will ask Procurement to make a PO (Purchase Order) and now suppliers can react to this by presenting their solution including the price. Now Procurement will make a decision based on price and quality which is most of the time based on price, since Procurement does not have a clue how this solution technical is working they decide to go for the cheapest one and there you go, a mayor security problem is just being created by “stupidity” and not knowing any thing about the current technology.

Off course this could be all avoided if the Procurement department had technical knowledge.

Security is a mayor problem these days, as we all know. They only thing is that most of us are not really serious in this to avoid that your precious data is leaking on the street and being used by “others”. Let me tell you frankly what my concern is and what the current status is about Security vulnerabilities and how companies acting on this topic.

Unnoticed

The leak from Cisco was unnoticed for years and still remained unnoticed.

The NSA spy software dating from 2013.

Although there are within the American Government processes to report security vulnerabilities by companies’, say former employees of the NSA against theWashington Post that the intelligence service will never being used.

“This is what happens when security vulnerabilities agencies collect Unsafe their data – worse security for everyone ,” says cybersecurity researcher Kevin Beaumont against the newspaper.

Firewall

By using the Firewall by exploit the vulnerability in Cisco equipment could allow an attacker to gain control over the firewall in a network and data interception.

Most of the companies I have worked with are multi million dollar companies spreading around the globe. These companies do not really spend a lot of their budget for security solutions that actually work! For example if you think that your company is secure by using a firewall than you are so wrong, firewalls are not secure it is like you want to enter and there is a wall but did you know that you can also land within this wall from above or true a back door. Did you know that most administrators are building in a so cold “backdoor” and you as a company do not even aware of this Security vulnerability.

If you are aware of the German Security regulations one of the toughest regulations you should know how in secure your infrastructure actually is. And also the German IT Security Law and The German Telecommunications Act read below more about this topic.

Laws and corporate rules

To ensure the protection and safety of natural and legal persons, data privacy and security matters are subject to stringent legal guidelines worldwide. In its role as a telecommunications company, Deutsche Telekom is especially committed to compliance with various laws and regulations.

In Germany data privacy and data security for telecommunications companies are governed by the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) and other special laws such as the Telecommunications Act (Telekommunikationsgesetz – TKG) and the Telemedia Act (TMG – Telemediengesetz).

Guaranteed standard

At the international level the Binding Corporate Rules Privacy (BCRP) constitute a uniform data privacy policy developed by Deutsche Telekom for all subsidiaries worldwide. The BCRP supersede the Privacy Code of Conduct, which has set out uniform internal standards relating to the handling of personal data across the group since 2004. Under the new rules the same standards will apply to the collection, storage and processing of personal data by Deutsche Telekom around the world. The BCRP set a guaranteed standard that enable data to be transferred between parts of the company irrespective of the level of data protection in the recipient country.

Binding Corporate Rules Privacy

In May 2014, Deutsche Telekom successfully had its Binding Corporate Rules Privacy recognized as compliant in a European process led by the Federal Commissioner for Data Protection and Freedom of Information. Deutsche Telekom is thus now permitted to transfer personal data outside of Germany in accordance with its BCRP, without the need to obtain permission separately each time.

Key standards

The Binding Corporate Rules Privacy set out all of the key standards that apply to the handling of personal data. In particular, the policy governs the purposes for which personal data may be collected, stored, and processed. In addition, it specifies under which conditions personal data may be processed. Furthermore, the rules contain data security provisions in the form of technical and organizational measures. The rules governing data privacy organization primarily cover the role of the data privacy officer, regular checks on compliance with the BCRP and training for employees, and cooperation with the supervisory authorities. The document also contains extensive rules setting out the rights of the individual data subject.

Deutsche Telekom goes beyond the legal requirements

The Binding Corporate Rules Privacy have been developed in accordance with Germany’s strict Federal Data Protection Act, as well as with European and international privacy guidelines. In several areas, such as transparency and employee training, Deutsche Telekom even goes beyond the legal requirements. Source: Laws and corporate rules

If you take a look at the Cisco security vulnerability disclosure policies and publicationsyou will see in one overview that they’re where already a lot of Security vulnerabilities announced this year. So the basic question is Cisco really that secure?

If you only thinking that all your company and personal data is just laying on a shelf free to grab this and use it for your own benefit of the hacker. For example did you know that some hackers earned more then 22 million US dollar to grab this data and selling this to the highest bidder!!!

We, Mr. Peter Rus, Mike Giligoor and me telling the “market” already since several years now how vulnerable you are? But no actions where taken by none of the biggest companies worldwide. Imaging that you one day discover that your data is being used by a third party and you did not even have a clue how it came there? Well now you know. You also have to be aware what kind of hardware and software you have within your infrastructure, however if you are not aware of this you could also contact us at P@ssport we can do a security check if your equipment is vulnerable, or that your cloud provider is secure or insecure? We can also check your data center and create a full report about all vulnerabilities.

Some more information about the current Cisco vulnerabilities

Alleged NSA hack tools really work or the hacking tools of the NSA are stolen, that remains to be seen. But the leaks that operate them are really. Both Cisco and Fortinet patching now the vulnerabilities that were published last week when the Shadow Brokers some hack tools releases as proof of the quality of the collection that they offer for auction. In accordance with the Shadow Brokers have they captured at a hack of the reported to the NSA related Equation Group. The patches of Cisco and Fortinet take the initial skepticism about the claims of the Shadow Brokers partly road. Or the tools have been developed by hackers who are employed by the NSA remains unclear, and will always remain that perhaps.

Cisco confirms the existence of the vulnerability in an opinion to his customers. The leak existed at least since 2013 in Cisco’s implementation of the Simple Network Management Protocol-code without that Cisco is that in the holes had; the publication of the Shadow Broke brought Cisco itself until the track of the leak.

Vulnerable products that now have to be patched without hesitation, according to the Cisco advice are:

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco ASA 5500-X Series Next Generation Firewalls
  • Cisco ASA Services Module for Cisco Catalyst 6500 Series
  • Switches and Cisco 7600 Series Routers
  • Cisco ASA 1000V Cloud Firewall
  • Cisco Adaptive Security Virtual Appliance (ASAv)
  • Cisco Fire Power 9300 ASA Security Module
  • Cisco PIX Firewalls
  • Cisco Firewall Services Module (FWSM)

Fortinet also in response to the auction of Shadow Brokers a number of products patched. In this case it is the so-called Fos-firmware of before August 2012. Newer firmware is not vulnerable to the published hack tool. The vulnerable versions of FOS are in accordance with the opinion of the Fortinet: •4.3.8 and older •4.2.12 Re-and older •4.1.10 and older.

Please read also my former blogs on LinkedIn. Will keep you posted on all related Data and Cyber Security topics.

Have a wonderful secure day.

Prof. Dr. Ir. Henk Jan Jansen

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s