Security HQ Archives - Security IT Summit | Forum Events Ltd
Posts Tagged :

Security HQ

Supply chain attacks of 2022 on the rise

960 640 Eleanor Barlow

According to Microsoft, the goal of a supply chain attack is to ‘source codes, build processes, or update mechanisms by infecting legitimate apps to distribute malware.’ Supply chain attacks ‘begin with an advanced persistent threat that determines a member of the supply network with the weakest cyber security in order to affect the target organization.’ (CERT-UK report ‘Cyber-security risks in the supply chain’).

Advanced persistent threats (APT’S) are ‘a multiphase, and long-term network attack in which unauthorized users gain access to, and harvest, valuable enterprise data.’ (IBM)

Most often, smaller businesses are the initial targets of these attacks. But these smaller business often provide products and/or services to larger corporations, which then become infected. So, while a small technology company with less than 30 employees may be the initial gateway, anything up to a Fortune 500 business can be impacted.

Take aviation giant, British Airways, for instance. In August 2018, malicious code on the BA website and app was placed to extract customer credit card details and other personal data of over 400,000 customers. While BA was the target, it is likely that third-party suppliers were the original issue here, as ‘third parties may supply code to run payment authorisation, present ads or allow users to log into external services.’ reported the BBC shortly after the attack. The company was fined £20m by the Information Commissioner’s Office (ICO), and new measures with regards to authentication and third-party protocols were put in place.

This incident is one of many. ‘In terms of scale and sophistication, the attack against SolarWinds, in which the highest levels of government were compromised, was unlike an attack seen before. The far-reaching impacts are still being identified today. It is the unpredictability of the attack that was/is the greatest cause for concern, and how attacks like this will influence business and infrastructure in the future. That is why it is important to prepare and safeguard systems as much as possible now, before the damage is done.’- Eleanor Barlow, SecurityHQ

How to Mitigate a Supply Chain Attack

To reduce the chance of becoming a victim of a supply chain attack, implement the right services to detect and respond rapidly, now.

For full visibility of threats targeting you, ensure that you have Managed Extended Detection & Response (XDR) in place.

If you are concerned about the impact of a breach, contact a security expert for advice.

Or, if you think you have been breached, report an incident here.

XDR Service Essentials – Everything you need to know…

960 640 Eleanor Barlow

By SecurityHQ

To keep up with new threats, businesses now require different combinations of detection and response capabilities. XDR is one of the latest security services being promoted by Managed Security Service Providers (MSSP’s) around the globe. The term stands for Extended Detection and Response (XDR) and claims to be the latest in detection, investigation, and response.

What Should XDR Include?

At SecurityHQ, we get vendors asking about XDR daily. For SecurityHQ, XDR is a service that combines multiple feature options, to ensure an enhanced security posture specific to the user/company. Every company is different, and every industry requires different security needs. Which is why our XDR combines Managed Detection & Response (MDR) with a combination of some, or all the following elements, depending on your service needs. These elements include MDR, UBA, Network Flow Analytics, EDR, Threat Containment and Dark Web Monitoring” – Eleanor Barlow, Content Manager, SecurityHQ

User Behaviour Analytics: Identify patterns of usage that indicate malicious or anomalous user behaviour. From launched apps, file access, to network activity, monitor who touched what, when and where an element was accessed, how it was made, and how often.

Network Flow Analytics: View and gain a comprehensive view of your entire network infrastructure, by examining sources, target ports, IP addresses and more.

Endpoint Detection & Response: Continually monitor endpoints, gain full visibility of your whole IT environment, detect incidents, mediate alerts, stop breaches, and receive instant advice.

System X Threat Containment: IR Security Orchestration Automation and Response (SOAR) for accelerated enrichement, playbooks and threat containment.

Dark Web Monitoring: Monitor the dark, deep, and visible web to detect risks and alert, investigate and take down offending content.

Bring Your own License: Whatever features work best for you, either apply SecurityHQ’s own SentinelOne turnkey solution, or bring your own license and merge the package you want.

Core Benefits of XDR

  • Essential Cyber-Solutions and Improved SIEM Experience, Combined for Multi-Layer Protection.
  • Advanced Threat Prevention & Detection with Comprehensive View of Risks via Real-Time Monitoring and Alerting.
  • Compliance Standards Supported.
  • 24/7 Incident Response Supported by GCIH Certified Incident Handlers
  • Cost Saving – No Need to Build Internal SOC Capabilities or Maintain the Required Tools.

To learn more about XDR, the features, and benefits, download the SecurityHQ data sheet here. Or, if you want would like to speak with a security expert, contact our team.