A lesson in cyber safety

In an article published on 19 June 2023 in globalsecuritymag.fr/, Benoit Grunemwald, cybersecurity expert at ESET France, recounts the cyberattack suffered by REDDIT, an American social news aggregation, content rating, and discussion website, in February of the same year, and draws some lessons from it.

This article follows the hackers' attempts, last repeated on 16 June, to obtain a ransom of 4.5 million dollars in order to delete the 80 GB of data stolen from the company, to which the company did not respond.

The data was not encrypted, so the company did not lose it. However, the same cannot be said for its reputation.

Benoit Grunemwald explains that "It all started with a phishing email to harvest employee account data. All it takes is for a single employee to be trapped for cyber criminals to gain access to internal documents, software code, employee data, etc." He goes on to stress the "need to integrate in-depth security methods and resources, such as zerotrust, segmentation and multi-factor authentication".

We can only endorse this recommendation, because only by respecting the dual rule of ZERO TRUST and MICRO-SEGMENTATION in the IT defence system can we, if not prevent any attack from being carried out (no system can guarantee 100% effectiveness), at least drastically reduce its chances of success and limit the impact by reducing the vulnerable area.

ARCHANGE© 2.0, firewall of next generation, has been created on the basis of these two rules, following the recommendations of the US Department of Defense.

Aucun texte alternatif pour cette image — ARCHANGEL 2.0 SERVER

The ARCHANGEL© 2.0 system is designed to incorporate the ZERO TRUST principle, in all its functions and in the face of everything that is in the process of penetrating the protected network, to compensate for the lack of reliability of the human factor. In the ARCHANGEL© 2.0 system, this ZERO TRUST rule is not applied to the people who have access to the Internet network (because human error is always possible) but to the very functions of the defence system.

ARCHANGEL© 2.0 also incorporates the concept of MICRO-SEGMENTATION, thanks to the VPN server integrated into the firewall and fully protected by it, to which each device on the network must be connected individually and by sector, so that if one device is contaminated it cannot contaminate any other device in the same sector, let alone those in another sector.

https://www.sydeco.co/products/the-archangel/

Tagarfirewall Tagarzerotrust Tagarmicrosegmentation Tagarransomware Tagarreddit TagarArchangel Tagardata Tagarmod

Comments

KEUANGAN & DATA PRIBADI PEMAIN GAME ONLINE DALAM BAHAYA

Melindungi Gamer Online: Memahami Risiko dan Solusi Dalam beberapa tahun terakhir, dunia game online telah mengalami pertumbuhan eksponensial, sejalan dengan meningkatnya nilai aset game. Namun, lonjakan popularitas ini juga membawa segudang risiko yang mengancam para pemain dan operator. Dari upaya peretasan dan pencurian akun hingga transaksi yang tidak sah dan eksploitasi data, bahaya yang mengintai di dunia digital selalu ada. Mengingat tantangan-tantangan ini, sangat penting untuk menjelaskan pentingnya langkah-langkah perlindungan yang kuat dan solusi inovatif. Memahami Lanskap Aset game, yang terdiri dari mata uang virtual, item, dan akun, adalah sumber kehidupan ekonomi game online. Nilainya melampaui ranah virtual, bahkan sering kali melampaui transaksi di dunia nyata. Meskipun demikian, perlindungan konsumen tradisional yang diberikan oleh layanan perbankan dan pembayaran tidak ada di ranah game. Operator platform game sering kali mengadopsi pendekatan laissez-faire, membuat ...

Hospital Security in Question In a recent article titled "Cyberattacks: Public and Private Hospitals, Is the Worst Yet to Come?", Jean-Michel Tavernier1 provides a detailed analysis of why the medical sector is a prime target for hackers. He highlights the vulnerabilities that allow hackers to access sensitive data such as medical records, insurance information, and payment details. The compromise of this data can have severe consequences for individuals' privacy, financial security, and even personal safety, not to mention the financial damage to institutions and the risks to the quality of care provided to patients. System Vulnerabilities Tavernier points to the "excessive interdependence of the entire healthcare chain." Hospitals collaborate with a multitude of interconnected providers and partners, creating numerous opportunities for attackers. He suggests managing the attack surface (ASM), which means controlling and securing all entry points where unautho...

ERRARE HUMANUM EST The Inescapable Nature of Human Error and Its Implications in Cybersecurity To err is human; one could even say it is a defining characteristic of humanity. Who has never made a mistake, whether out of distraction, ignorance, or because it was provoked? No one is immune to making mistakes, and most of the time, they are forgivable, even if their consequences can be very damaging. However, the fundamental, unforgivable error is doing nothing to avoid situations that lead to mistakes. Thus, to minimize errors due to distraction, one should avoid multitasking (for example, a surgeon operating should not be distracted by a nurse recounting her latest adventures) and refrain from performing actio...

Sydeco Blog

Search This Blog