535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

February 14, 2017

Microsoft's Digital Geneva Convention Idea Shows How Vulnerable We Are

Microsoft recently penned a piece about the need for a Digital Geneva Convention which eliminates targeting of tech companies, assists the private sector deal with attacks and which calls for restraint of cyber-weapon development shows how pathetically weak our security has become.

Microsoft’s well-intentioned piece is actually damning regarding the state of global security. Here is why… The company has thrown the kitchen sink at security… Literally. Take a look:

Within Microsoft we’ve forged a unique, internal three-part partnership as part of the 3,500 security professionals from across the company.   The Microsoft Threat Intelligence Center (MSTIC) is our reconnaissance arm, combing through the constant stream of data from our more than 200 cloud services and third-party feeds.  Using machine learning, behavioral analysis and forensic techniques, this dedicated team creates a real-time picture – a security intelligence graph – of cyber activity related to advanced and persistent threats to Microsoft and our customers.

When a threat is detected, MSTIC alerts our Cyber Defense Operations Center (CDOC), an “eyes on glass” command center staffed 24 hours a day, seven days a week by rotating teams of security and engineering professionals from across our product and services portfolio. This team of specialists serves as our frontline, taking immediate action against threats to defend our own systems and protect customers.

As we identify threats, we’re not only working with customers, but using legal process, led by our Digital Crimes Unit (DCU), to respond in new and innovative ways that disrupt attacks, including those launched by nation states.  Last year MSTIC identified an attack pattern that led to a group associated with a nation-state that had registered internet domains using names that included Microsoft and other companies’ trademarks.  We went to federal court, obtained court orders and successfully sought appointment of a Special Master to oversee and expedite additional motions in our case.  Working under this judicial supervision, we can notify internet registries whenever this group registers a fake Microsoft domain and request that control of that domain be transferred immediately to a sink-hole operated by DCU.

Using this novel approach, we can disrupt the nation-state’s use of these domains within 24 hours.  Since last summer, in response to extended nation-state attacks, we have taken down 60 domains in 49 countries spread over six continents.  In each instance we stopped the flow of data to the hackers from any customers whose computers were hacked, we notified the customers of the nation-state attack and we helped them clean their environment and increase their security.

This all sounds great, right? We are in a great position because Microsoft – the most popular target for PC and server-based attacks is spending a fortune to keep us safe. After all, they make the software most of us use so they should be able to easily defend us all. Sadly, this is not the case, in the next paragraph the company says: We’re nowhere close to being able to declare victory.  Governments are increasing their investments in offensive cyber capabilities.  We therefore need to recognize a critical truth – this is not a problem that we can solve solely with each of us acting alone.

The piece then goes on to say that there has been some cooperation between nations but we need a new organization which spans the public and private sector – similar to the UN’s IAEA to truly keep us safer.

The challenge is that cybercrime is often difficult if not impossible to trace – it is very easy to hide your tracks as a hacker and even if you are caught, you can’t necessarily implicate the entity which originated the attack. For example, a hack from Iran could be the government but it could also be hackers paid by another government, a private company, organized crime, a terrorist group or just a rich person with a grudge.

The challenge is if there is money to be made via cybercrime like phishing and ransomware, believe me, people will make sure they are able to launch attacks. Put another way, the global war on Cybercrime through a Digital Geneva Convention will likely be even less effective than the war on drugs.

Companies are on their own. You will eventually get hit by ransomware, your trade secrets will be compromised or your customer data will be stolen.

To minimize the potential threat be sure you work with a company with experience in cybersecurity and do all you can to be prepared. Cloud backups, training, anomaly detection, up-to-date patches, encryption, and rings of security are just a few of the things you need to ensure your company is doing its all to minimize the damage from potential attackers.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

To ensure your security, consider one of our most popular services — Auditing & Documentation — which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.







Comments powered by Disqus

Related Articles