Evidence that awareness training works, CIRA looking for board nominees and another patching warning.
Welcome to Cyber Security Today. It’s Friday, June 4. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Experts say that buying technology isn’t enough for companies to block successful cyber attacks. While anti-phishing email solutions help flag bad email messages, some get through. These have to be spotted and reported by staff. That’s why security awareness training of staff is also important. A report this week from Barracuda Networks backs this up. Researchers found organizations that regularly train their employees to recognize suspicious emails will see a 73 per cent improvement in the accuracy of employee reporting after only two training campaigns. Still, perhaps as many as three per cent of employees will click on a malicious link or attachment, which is why IT staff have to be ready.
The Canadian Internet Registry Authority, which governs the .ca domain, is looking for new members of its board of directors. Five seats are open this year for election to the 12-person board. Candidates should have experience sitting on a board and have a solid understanding of board governance. It will also help to have experience in the domain name industry and an understanding of internet, IT and privacy law. Interested people have until June 16th to apply. Board members are chosen by a vote of CIRA members. For more details go to cira.ca and look at the top for “Board Elections.”
On Monday’s podcast I mentioned that a group dubbed Nobelium was using a compromised email account from the American Agency for International Development, known as USAID, for spear-phishing attacks. Victims who clicked on links in the emails had their computers infected with malware. The U.S. Justice Department has struck back. It got court orders to seize two domains used in the scheme to distribute the malware. However, authorities warn that seizing these domains won’t remove any infections from compromised computers.
IT administrators have another reason to make sure all software in their systems have the most recent security patches. According to a new report from Cisco Systems’ Talos threat intelligence service, the developers behind what is been called the Necro Python botnet have updated the number of systems it can attack. It is now trying to infect 10 unpatched and vulnerable web applications and Windows’ SMB protocol. These include VMware’s vCenter, the SCO OpenServer operating system and the Vesta Control Panel for web hosting. Cisco urges administrators to apply the latest security updates to all applications in an organization, not just operating systems. They also have to monitor logs for signs of infection.
That’s it for now. I’m off for a few days so this afternoon’s Week In Review podcast will be hosted by IT World Canada editor Alex Coop.
Thanks for listening.