DNS

Category

Posts

GCA Press Release

New AIDE Platform Enables IoT Device Manufacturers to Test Security, Identify and Mitigate Global Attack Risks, and Identify Vulnerabilities


London – August 15, 2019: The Global Cyber Alliance, working with its partners, today launched the Automated IoT Defence Ecosystem (AIDE), a first-of-its-kind cybersecurity development platform for Internet of Things (IoT) products. AIDE enables small businesses, manufacturers, service providers and individuals to identify vulnerabilities, mitigate risks and secure IoT devices against the growing volume of threats to this interconnected environment.

A complementary resource to the AIDE platform is the GCA ProxyPot, a custom IoT honeypot solution developed by GCA, which is capable of replicating one IoT device across multiple IP addresses and physical locations to identify global attack risks quickly, efficiently and accurately. Together, the AIDE and ProxyPot platforms allow for organisations and individuals to have greater visibility into the types and scale of threats facing the IoT devices deployed into various environments, including smart cities and other smart ecosystems.

Visit globalcyberalliance.org to learn more or gcaaide.org to request access to GCA AIDE.

“The number of internet-connected devices has grown exponentially over the last decade and with it the cyber risk to companies, organisations and individuals deploying these devices on their network,” said Philip Reitinger, President and CEO of GCA. “The launch of the AIDE platform furthers GCA’s mission of providing scalable, implementable solutions to organisations of all sizes and budgets to secure their devices and reduce risk.”

With an estimated 14.2 billion internet-connected devices currently in use and a projected increase to 25 billion by 2021, the challenge to identify, analyse and mitigate IoT threats has dramatically increased. Also cause for concern, a recent survey found less than 1 in 3 organisations maintain a privileged-access security strategy for their IoT devices, making the organisations an ideal target for threat actors. These statistics highlight the urgent need for addressing the threats to IoT devices.

The AIDE platform offers capabilities for data collection, analysis and automated defence on a scale not previously attained. As part of its first effort to leverage the AIDE and ProxyPot technologies, GCA is working with Attivo Networks to build a SCADA honeyfarm to collect threat intelligence on attacks targeting industrial control systems.

“We are thrilled to be working with GCA to provide the benefits of deception technology to organizations around the world. IoT devices are notoriously difficult to secure and apply typical prevention measures. As a result, innovative solutions like deception technology are playing a critical role in the early threat detection and response to cyberattacks,” said Marc Feghali, Co-founder and Vice President of Product Management at Attivo Networks. “By creating customized decoys that blend in with production connected devices, organizations can quickly detect attackers, engage them, capture their attack methods, derive their attack signature and divert them away from real IoT infrastructure, mitigating the risk of attacks on Operational Technology (OT) infrastructure.”

Specifically, AIDE allows for the following:

Collection

The AIDE platform will automatically collect IoT attack data through three methods:

  1. Honeyfarms located around the world, including a GCA honeyfarm with more than 1,200 devices, and data feeds from partners;
  2. Virtual IoT devices located on simulated networks; and
  3. ProxyPots that can be distributed around the world and backed by real and virtual IoT devices.

Analysis

AIDE aggregates attack data into an analysis platform that is available to companies, academia, nonprofits and other entities to study IoT attack signatures and patterns. In exchange for access to the data, researchers will share any algorithms developed to help AIDE generate additional information products.

The analysis platform will be used to generate data feeds available to GCA partners and the security community. These feeds will be made widely available throughout the cybersecurity ecosystem to enable IoT attack mitigation.

Automated Defence

The real-time threat feeds generated by the platform can limit and mitigate identified attacks while preventing any further compromise of IoT devices. AIDE allows an edge router/policy enforcement point to use threat feeds to mitigate attacks against the local environment and also relies upon an application of the capabilities of the “Manufacturer Usage Description” standard, through which manufacturers can specify the types of activities and communications that are allowed on their devices. This type of automated defence offers small businesses and home users a way to have free or low-cost protection for their small office and consumer network (home IoT) devices that often have no other way to address IoT vulnerabilities.

“The bad guys do not discriminate when deciding which organisations to target for IoT attacks, so our defences shouldn’t either,” said Adnan Baykal, GCA Global Technical Advisor. “With AIDE, any organisation can access our threat feeds for data, conduct analysis and even search specific activity by username, source IP, destination IP, commands, hashes and geographic location. As we continue to establish partnerships and sponsors, the platform will continue to improve and provide added value to those within the ecosystem.”

###

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect.  Learn more at www.globalcyberalliance.org.

 

GCA’s newest report claims organizations could save as much as $200 billion with DNS protection.


Curtis Franklin, Jr., of Dark Reading wrote a piece about GCA’s newest report, The Economic Value of DNS Security. In the article, Franklin mentioned that DNS firewalls could save U.S. organizations between $19 billion and $37 billion in losses. Additionally, DNS protection could save $150 billion to $200 billion in losses globally.

Moreover, there’s no need to believe this protection is unattainable. Phil Reitinger, GCA’s President & CEO, states that DNS security is available at no cost and ensures that it is also easy to configure.

To read Franklin’s full article about GCA’s report, The Economic Value of DNS Security, please click here.

GCA Press Release

More than $10 Billion in Data Breach Losses Over Past Five Years from the Studied Incidents Might Have Been Prevented, and $150 To $200 Billion in Global Losses from Cybercrime


NEW YORK, June 12, 2019 — New research from the Global Cyber Alliance (GCA) has found that Domain Name System (DNS) firewalls, also known as protective DNS, which are freely available and easy to install, could prevent 33% of cybersecurity data breaches from occurring.

Through a simple tweak, DNS firewalls leverage threat intelligence from cybersecurity companies and/or public sources to automatically prevent users from visiting known malicious sites. Most often consumers visit a malicious site when they click on a malicious link or mistype a legitimate web address.  Malicious software on a computer or phone can also cause a visit to a malicious site.

According to Verizon’s long-running and industry-leading Data Breach Investigations Report, there were more than 11,000 confirmed data breaches collected and analyzed over the past five years. Independent researchers Shostack & Associates and Cyentia Institute working with GCA were able to determine that 3,668 of those breaches would have been potentially thwarted if users had a DNS firewall deployed.

“The constant stream of breaches has unfortunately caused many small businesses and consumers to simply accept cyber-attacks – that no matter what they do they cannot protect themselves,” said Philip Reitinger, President and CEO of the Global Cyber Alliance. “However, there are many easy-to-implement steps that can prevent businesses and consumers from being another notch in the belt of a hacker. Our research shows that protective DNS services are among the most valuable.”

According to the study, DNS firewalls might have prevented $10 billion in data breach losses over from the 11,000 incidents in the past five years. And the actual figure may be more – the researchers were unable to measure every case where a DNS firewall could have protected the victim, and their estimate of the financial impact is probably biased low.

Finally, as DNS firewalls might affect one-third of cyber incidents, and with current estimates of the scope of cybercrime, DNS firewalls might play a role in stopping $150 to $200 billion in losses every year.

DNS is the “phone directory” of the Internet as it translates human readable names like globalcyberalliance.org into computer addresses – a string of numbers otherwise known as an IP address. In order to access websites on the Internet, your computer must leverage a DNS service that is usually configured by your Internet Service Provider or your network administrator.

“I’ve always been a big fan of DNS-based controls, and I’m glad to see GCA doing something like this. There are relatively few security measures that address so many threats for so little cost and effort. I’ve configured all my home devices to use Quad9, and I suggest you give it a look as well,” Wade Baker, Ph.D., Partner, Cyentia Institute.

The Global Cyber Alliance, in collaboration with IBM and the Packet Clearing House, developed and launched Quad9, a free DNS security service that blocks known malicious domains, preventing computers and Internet of Things devices from connecting to malware or phishing sites.

A fully detailed report that highlights the GCA methodology and research findings can be found in the following report:  The Economic Value of DNS Security.

###

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

 

 

OTA badge

After comprehensive audit, the Global Cyber Alliance’s website honored for consumer protection, security and privacy


April 17, 2019 – New York, NY – The Global Cyber Alliance announced that it has been named to the Internet Society’s latest Online Trust Alliance (OTA) Audit and Honor Roll. The Audit and Honor Roll is the de facto standard for recognizing website excellence in consumer protection, security, and responsible privacy practices for the world’s top companies.

“The Global Cyber Alliance (GCA) is pleased to once again be included on the OTA’s Honor Roll. Shining a light on privacy and security practices encourages us to take stock of where we are and what we can do better,” said Shehzad Mirza, Global Cyber Alliance Director of Operations. “At GCA, security and privacy are foremost to our mission. We take seriously our own practices and want others to do the same so we build more trust and confidence in our digital world.”

Over the past three years GCA has been an ardent champion of DMARC, an email authentication protocol, encouraging global adoption and delivering resources to make implementation easier. GCA was also the organization behind the development of the secure DNS service Quad9 (in collaboration with IBM and Packet Clearing House), now an independent organization. Earlier this year GCA launched the GCA Cybersecurity Toolkit for Small Business, an online collection of free tools geared towards small and medium-sized businesses to give them operational tools and guidance to shore up their cyber defenses. Learn more at www.GlobalCyberAlliance.org.

As the only comprehensive, independent online trust benchmark study, the OTA Online Trust Audit evaluates websites in three main categories: domain, brand and consumer protection; site, server and infrastructure security; and privacy, transparency and disclosures. Based on a composite weighted analysis, sites that scored 80 percent or better overall, without failing in any one category, received the honor roll designation (read the entire methodology here).

“In this age where many companies are accused of putting profits ahead of customers, the websites that made the Honor Roll should be commended for their commitment to online trust,” said Jeff Wilbur, Technical Director of the Online Trust Alliance initiative at the Internet Society. “This designation shows that you can be one of the world’s most successful businesses without sacrificing consumer privacy, protection, and security.”

OTA audited more than 1,200 of the top consumer-facing websites spanning banking, consumer services, U.S. government, healthcare, news and media, retail, Internet Service Providers, mobile carriers, email providers, and web hosters. It found that 70 percent of analyzed websites qualified for the honor roll. The Federal government category surged to the front with 91 percent of sites placing on the honor roll. Healthcare, a new sector this year that includes pharmacies, testing labs, insurance companies, and hospital chains, had the lowest overall honor roll placement at 57 percent. More details about the 2018 OTA Online Trust Audit and Honor Roll is at https://otalliance.org/2018HonorRoll.

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

About OTA

The Internet Society’s Online Trust Alliance (OTA) identifies and promotes security and privacy best practices that build consumer confidence in the Internet. Leading public and private organizations, vendors, researchers, and policymakers contribute to and follow OTA’s guidance to help make online transactions safer and better protect users’ data. The Internet Society is a global nonprofit dedicated to ensuring an open, globally connected, trustworthy, and secure Internet for everyone.