IT & Cyber Security – OST – Evolve. Optimise.

Technology Secured

Since the Internet’s arrival and with the digital transformation initiated in recent years, the notion of cybersecurity has become a familiar subject in both our professional and personal lives. Cybersecurity and cyber threats have been consistently present for the last 50 years of technological change. In the 1970s and 1980s, computer security was mainly limited to academia until the conception of the Internet, where, with increased connectivity, computer viruses and network intrusions began to take off. After the spread of viruses in the 1990s, the 2000s marked the institutionalization of cyber threats and cybersecurity.

Finally, from the 2010s, large-scale attacks and government regulations started emerging.

Subsequently, In the age of digitally connected world, organizations seek to secure their IT infrastructure against ever-evolving cyber and other threats. Cyber Security refers to the body of technologies, processes and practices designed to protect networks, devices, applications and data from attack, damage or unauthorized access.

If today, the systems are not designed keeping in mind the future security threats, they remain vulnerable to the security threats. A vulnerability is a weakness in design, implementation, operation, or internal control. Vulnerabilities can be researched, reverse-engineered, hunted, or exploited using automated tools or customized scripts. To secure a computer system, it is important to understand the attacks that can be made against it, and these threats can typically be classified into one of these categories below:

Backdoor
A backdoor in a computer system, a cryptosystem or an algorithm, is any secret method of bypassing normal authentication or security controls. They may exist for many reasons, including by original design or poor configuration. They may have been added by an authorized party to allow some legitimate access, or by an attacker for malicious reasons; but regardless of the motives for their existence, they create a vulnerability. Backdoors can be very hard to detect, and detection of backdoors is usually discovered by someone who has access to application source code or intimate knowledge of the operating system of the computer.

Social engineering

Social engineering, in the context of computer security, aims to convince a user to disclose secrets such as passwords, card numbers, etc. or grant physical access by, for example, impersonating a senior executive, bank, a contractor, or a customer. This generally involves exploiting peoples trust, and relying on their cognitive biases. A common scam involves emails sent to accounting and finance department personnel, impersonating their CEO and urgently requesting some action.

Tampering

Tampering describes a malicious modification or alteration of data. So-called Evil Maid attacks and security services planting of surveillance capability into routers are examples.

Multi-vector, polymorphic attacks

Surfacing in 2017, a new class of multi-vector, polymorphic cyber threats combined several types of attacks and changed form to avoid cybersecurity controls as they spread.

Denial-of-service attack (DoS)

Denial of service attacks (DoS) are designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim’s account to be locked, or they may overload the capabilities of a machine or network and block all users at once. While a network attack from a single IP address can be blocked by adding a new firewall rule, many forms of Distributed denial of service (DDoS) attacks are possible, where the attack comes from a large number of points – and defending is much more difficult. Such attacks can originate from the zombie computers of a botnet or from a range of other possible techniques, including reflection and amplification attacks, where innocent systems are fooled into sending traffic to the victim.

Direct-access attacks

An unauthorized user gaining physical access to a computer is most likely able to directly copy data from it. They may also compromise security by making operating system modifications, installing software worms, keyloggers, covert listening devices or using wireless microphones. Even when the system is protected by standard security measures, these may be bypassed by booting another operating system or tool from a CD-ROM or other bootable media. Disk encryption and Trusted Platform Module are designed to prevent these attacks.

Malware

Malicious software (malware) installed on a computer can leak personal information, can give control of the system to the attacker and can delete data permanently.

Direct-access attacks

Privilege escalation

Privilege escalation describes a situation where an attacker with some level of restricted access is able to, without authorization, elevate their privileges or access level. For example, a standard computer user may be able to exploit a vulnerability in the system to gain access to restricted data; or even become “root” and have full unrestricted access to a system.

Side-channel attack

Any computational system affects its environment in some form. This effect it has on its environment, includes a wide range of criteria, which can range from electromagnetic radiation, to residual effect on RAM cells which as a consequent make a Cold boot attack possible, to hardware implementation faults which allow for access and or guessing of other values that normally should be inaccessible. In Side-channel attack scenarios the attacker would gather such information about a system or network to guess its internal state, and as a result access the information which is assumed by the victim to be secure.

Eavesdropping

Eavesdropping is the act of surreptitiously listening to a private computer “conversation” (communication), typically between hosts on a network.

Phishing

An example of a phishing email, disguised as an official email from a (fictional) bank. The sender is attempting to trick the recipient into revealing confidential information by “confirming” it at the phisher’s website. Note the misspelling of the words received and discrepancy as received and discrepancy, respectively. Although the URL of the bank’s webpage appears to be legitimate, the hyperlink points at the phisher’s webpage. Phishing is the attempt of acquiring sensitive information such as usernames, passwords, and credit card details directly from users by deceiving the users. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose “look” and “feel” are almost identical to the legitimate one. The fake website often asks for personal information, such as log-in details and passwords. This information can then be used to gain access to the individual’s real account on the real website. Preying on a victim’s trust, phishing can be classified as a form of social engineering. Attackers are using creative ways to gain access to real accounts. A common scam is for attackers to send fake electronic invoices to individuals showing that they recently purchased music, apps, or others, and instructing them to click on a link if the purchases were not authorized.

Reverse engineering

Reverse engineering is the process by which a man-made object is deconstructed to reveal its designs, code, architecture, or to extract knowledge from the object; similar to scientific research, the only difference being that scientific research is about a natural phenomenon.

Spoofing

Spoofing is an act of masquerading as a valid entity through falsification of data (such as an IP address or username), in order to gain access to information or resources that one is otherwise unauthorized to obtain. There are several types of spoofing, including:
Email spoofing, is where an attacker forges the sending (From, or source) address of an email.
IP address spoofing, where an attacker alters the source IP address in a network packet to hide their identity or impersonate another computing system.
MAC spoofing, where an attacker modifies the Media Access Control (MAC) address of their network interface controller to obscure their identity, or to pose as another.
Biometric spoofing, where an attacker produces a fake biometric sample to pose as another user.

The growth in the number of computer systems and the increasing reliance upon them by individuals, businesses, industries, and governments means that there are an increasing number of systems at risk. Following Systems, Institutions and segments are most affected by Cyber Attacks.

Consumer Devices

Desktop computers and laptops are commonly targeted to gather passwords or financial account information, or to construct a botnet to attack another target. Smartphones, tablet computers, smart watches, and other mobile devices such as self-devices like activity trackers have sensors such as cameras, microphones, GPS receivers, compasses, and accelerometers which could be exploited, and may collect personal information, including sensitive health information. WiFi, Bluetooth, and cell phone networks on any of these devices could be used as attack vectors, and sensors might be remotely activated after a successful breach. The increasing number of home automation devices such as the Nest thermostat are also potential targets.

Internet of things and physical vulnerabilities

The Internet of things (IoT) is the network of physical objects such as devices, vehicles, and buildings that are embedded with electronics, software, sensors, and network connectivity that enables them to collect and exchange data. Concerns have been raised that this is being developed without appropriate consideration of the security challenges involved. While the IoT creates opportunities for more direct integration of the physical world into computer-based systems, it also provides opportunities for misuse. In particular, as the Internet of Things spreads widely, cyberattacks are likely to become an increasingly physical (rather than simply virtual) threat. If a front door’s lock is connected to the Internet, and can be locked/unlocked from a phone, then a criminal could enter the home at the press of a button from a stolen or hacked phone. People could stand to lose much more than their credit card numbers in a world controlled by IoT-enabled devices. Thieves have also used electronic means to circumvent non-Internet-connected hotel door locks.
An attack that targets physical infrastructure and/or human lives is sometimes referred to as a cyber-kinetic attack. As IoT devices and appliances gain currency, cyber-kinetic attacks can become pervasive and significantly damaging.

Utilities and industrial equipment

Computers control functions at many utilities, including coordination of telecommunications, the power grid, nuclear power plants, and valve opening and closing in water and gas networks. The Internet is a potential attack vector for such machines if connected, but the Stuxnet worm demonstrated that even equipment controlled by computers not connected to the Internet can be vulnerable.

Large Corporations

Large corporations are common targets. In many cases attacks are aimed at financial gain through identity theft and involve data breaches. Examples include the loss of millions of clients’ credit card details and other personal Information.
Medical records have been targeted in general identify theft, health insurance fraud, and impersonating patients to obtain prescription drugs for recreational purposes or resale. Although cyber threats continue to increase, 62% of all organizations did not increase security training for their business.

Medical Systems

Medical devices have either been successfully attacked or had potentially deadly vulnerabilities demonstrated, including both in-hospital diagnostic equipment and implanted devices including pacemakers and insulin pumps. There are many reports of hospitals and hospital organizations getting hacked, including ransomware attacks, Windows XP exploits, viruses and data breaches of sensitive data stored on hospital servers.

Financial Systems

The computer systems of financial regulators and financial institutions like the SWIFT, investment banks, and commercial banks are prominent hacking targets for cybercriminals interested in manipulating markets and making illicit gains. Websites and apps that accept or store credit card numbers, brokerage accounts, and bank account information are also prominent hacking targets, because of the potential for immediate financial gain from transferring money, making purchases, or selling the information on the black market. In-store payment systems and ATMs have also been tampered with in order to gather customer account data and PINs.

Aviation

The aviation industry is very reliant on a series of complex systems which could be attacked. A simple power outage at one airport can cause repercussions worldwide, much of the system relies on radio transmissions which could be disrupted, and controlling aircraft over oceans is especially dangerous because radar surveillance only extends 175 to 225 miles offshore. There is also potential for attack from within an aircraft.
The consequences of a successful attack range from loss of confidentiality to loss of system integrity, air traffic control outages, loss of aircraft, and even loss of life.

Automobiles

Vehicles are increasingly computerized, with engine timing, cruise control, anti-lock brakes, seat belt tensioners, door locks, airbags and advanced driver-assistance systems on many models. Additionally, connected cars may use WiFi and Bluetooth to communicate with onboard consumer devices and the cell phone network. Self-driving cars are expected to be even more complex. All of these systems carry some security risk, and such issues have gained wide attention. Simple examples of risk include a malicious compact disc being used as an attack vector, and the car’s onboard microphones being used for eavesdropping. However, if access is gained to a car’s internal controller area network, the danger is much greater.

Energy Sector

In distributed generation systems, the risk of a cyber-attack is real. An attack could cause a loss of power in a large area for a long period of time, and such an attack could have just as severe consequences as a natural disaster.

Government

Government and military computer systems are commonly attacked by activists and foreign powers. Local and regional government infrastructure such as traffic light controls, police and intelligence agency communications, personnel records, student records, and financial systems are also potential targets as they are now all largely computerized. Passports and government ID cards that control access to facilities which use RFID can be vulnerable to cloning.

Being well-established and leading ICT company in the region, we offer complete set of world-class latest IT and Cyber Security Products, Solutions and Services to protect the organizations from an increasing number of electronic threats: from anti-virus and anti-malware to intrusion prevention and detection systems. We help organizations to make their IT and Network infrastructure more secure.

Some of the Cyber Security Areas where we are providing our solutions and services to our customers are:

Unified Threat Management

Unified threat management (UTM) is an approach to information security where a hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function.

UTM simplifies information-security management by providing a single management and reporting point for the security administrator rather than managing multiple products from different vendors. UTM appliances have been gaining popularity since 2009, partly because the all-in-one approach simplifies installation, configuration and maintenance.

Such a setup saves time, money and people when compared to the management of multiple security systems. Instead of having several single-function appliances, all needing individual familiarity, attention and support, network administrators can centrally administer their security defenses from one computer.

UTMs are now typically called next-generation firewalls. Some of the features of a UTM are:

Network firewall
Intrusion detection & prevention service (IDS & IPS)
Gateway Anti-Virus
Application layer (Layer 7) firewall and control
Deep packet inspection
Web proxy and content filtering
Email filtering for spam and phishing attacks
Data loss prevention (DLP)
Security information and event management (SIEM)
Virtual private network (VPN)
Network access control
Network tarpit
Additional security services against Denial of Services (DoS), Distributed Denial of service (DDoS), Zero day, Spyware protection

Identity & Access Management

IAM products provides the services necessary to securely confirm the identity of users and devices as they enter the network. Establishing identity through secure authentication is key in the implementation of an effective security policy. Authentication devices provides centralized authentication services including single-sign-on services, certificate management and guest management. Further two factor authentication can be achieved through physical and mobile application-based tokens. Network Access Control or NAC solutions support network visibility and access management through policy enforcement on devices and users of organizations network.

Key Highlights

- - Expertise in security technologies and managed services
  - Domain expertise on data center solutions
  - Partnership with world renowned technology partners
  - Certified professionals and solution architect