Skip to main content

Posts

Showing posts with the label Cyber Security

Cyber and DDOS – What is it?

We saw in a recent blog from “The Professor” how cybercriminals could create a network of controlled computers to propagate a “BotNet”.   One of the malicious reasons for these powerful networks of control is so that the hacker can perform “Distributed Network Attacks” (DDA’s). We all have experienced this at some level and the outcome is not good for enterprise, corporations, or businesses of any size.  DDA’s create disruption even to our own home operations.   A DDA is sometimes referred to as a Distributed Denial of Service or DDOS attack.  This virus or network of virus’s attacks behind the scenes to take over system resources.  A DDOS could attack switches, hubs, routers. It sometimes will flood the network backbone with nuisance transactions with the intention of sucking up all the bandwidth that might otherwise be necessary for day to day operations. DDOS can bring to a screeching halt the web sites for processing claims, or even shopping cart interfaces for the purchasing o

What is a Botnet - Why do I care?

Today every business is an internet business.  The performance of any business is directly related to the capability and performance of IT.  Therefore, we must all take cyber security seriously.   Let’s start with a botnet by breaking down the word itself.  The first syllable, “bot” is short for robot. The second syllable “net” is from the word network.  A botnet is formed when a hacker writes a computer program that will breach security on a single computer.  It does not stop there.  This computer program called a virus has the capability to take over that computer that it just hacked into. It does not stop there either because this is not good enough for the cybercriminal.  With a botnet, the virus will move from one computer to another, take control of each and then connect all of the disparate computers into a powerful system or network of control.  This is known as a botnet. Cyber criminals are control freaks.  They will sometimes create a virus that controls thousands or

Rugged DevOps

Rugged DevOps is a method that includes security practices as early in the continuous delivery pipeline as possible to increase cybersecurity, speed and quality of releases beyond what current DevOps practices can yield alone. (1) “Rugged “describes software development organizations which have a culture of rapidly evolving their ability to create available, survivable, defensible, secure and resilient software. (2) As business increasingly relies on agile software development, the absence of matching fast-moving security methodologies in the delivery pipeline will essentially increase the risk of a security breach or a cyberattack. Security staff must be imbedded into cross functional teams to ensure a more sustainable and less risky continuous deployment value chain (continuous integration, continuous delivery and continuous testing). The bad guys have already acquired these skills and the use of automation to engage in a continuous attack on our defenses. Security was named

Resilia - Cyber Resilience Best Practices

Operating under a constant threat of cyber attacks is the new normal for many organizations in today’s virtual business environment.  These attacks can come from anywhere, from anybody and at any time.  It is no longer a question of reacting to and then fixing the problem.  Today the question is “How do we prepare the entire organization to be prepared and vigilant to deal with cyber security threats each and every day. A defensive approach is no longer adequate.  A proactive strategy by cyber security teams with the appropriate expertise, capabilities and best practice processes and policies is an absolute must have in order to meet the challenge of recurring engagement with those whose intent is to harm the organization in some way. There must be well defined and documented processes to prevent, where possible, detect and respond with control and countermeasures as quickly as possible while predicting what will happen next.   The introduction of effective cyber resilience requir