Cyber security as a service (Csaas)

Blockchain hacked. Once hailed as unhackable, blockchains are now getting hacked. That was the headline of an article by Mike Orcutt that was published

Blockchain hacked.

Once hailed as unhackable, blockchains are now getting hacked.

That was the headline of an article by Mike Orcutt that was published on MIT Technology Review online, on February 19th, 2019.  Here is an extract from the article:

“Early last month [January – Editor], the security team at Coinbase noticed something strange going on in Ethereum Classic, one of the cryptocurrencies people can buy and sell using Coinbase’s popular exchange platform. Its blockchain, the history of all its transactions, was under attack.

An attacker had somehow gained control of more than half of the network’s computing power and was using it to rewrite the transaction history. That made it possible to spend the same cryptocurrency more than once known as “double spends.” The attacker was spotted pulling this off to the tune of $1.1 million. Coinbase claims that no currency was actually stolen from any of its accounts. But a second popular exchange, Gate.io, has admitted it wasn’t so lucky, losing around $200,000 to the attacker (who, strangely, returned half of it days later).

Just a year ago, this nightmare scenario was mostly theoretical. But the so-called 51% attack against Ethereum Classic was just the latest in a series of recent attacks on blockchains that have heightened the stakes for the nascent industry.”

To read the full article, click here >>

Exploits on blockchain goes a long way to show you how there is no technology security system that is un-hackable. What man can make; another man can find vulnerabilities. There is no technology solution that is 100%

The secret is therefore in not implementing a system or systems that are hack proof, but ones where the hack can be prevented if under on-going monitoring.

And that is where cyber security as a service (Csaas) by Summit Consulting Ltd comes in.  When it comes to cyber security, there is nothing like being over secured. You need confidence that your mission critical resources – core banking server, enterprise resource planning (ERP) system and other critical servers like mobile and internet banking servers, email servers and ATM servers and CCTV servers, to mention but a few are safe and sound from risks of manipulation, unauthorized modification and data leakages or deletion.

We have investigated cybercrime cases at over 120 financial institutions in East and South African region. One of the painful things is failing to solve a crime where the client calls you expecting answers.

You need to know that computer forensics is not magic. It is analysis of evidence seized at the crime scene. If such evidence has been tempered with or spoiled, it makes it difficult to solve the case.

Take an example, take a case of CISCO ASA Firewall. By default, the ASA can use up to 1 MB of internal flash memory for log data. If the system admin deliberately does not save the logs to a central server, it becomes next to impossible to aggregate logs and alerts for further analysis to conduct threat intelligence.  In that case, if logs are not backed up to an external logging server outside the company network, it becomes impossible to determine whether the attacker originated from outside the network or was internal; since you don’t have logs from the firewall to analyze and rule out an external originated attack!

Take note that just 1 MB flash memory can store just two days of logs. If the crime is discovered after 3 days, the flash memory would have been cleared and refilled with flesh logs only. So there is no hope to recover logs whatsoever. Solving the crime becomes something very difficult.

Read the full article here

 

Leave a Reply

Your email address will not be published. Required fields are marked *