Ahead of the Annual Meeting in Davos, Switzerland, held from January 22 to 25, the World Economic Forum presented its Global Risks Report, which highlights the main global risks and issues based on a survey of about 1,000 international decision-makers from the public sector, private sector, academia and civil society. So what are the main risks the world is facing?
Cyber risks in the top 5
For the third year in a row, environment-related risks top decision-makers' concerns. They hold the first three places among the risks most likely to occur in 2019, followed by two technology risks: data fraud or theft in 4th place and cyberattacks in 5th.
In 2019, 82% of the experts interviewed expect data and money theft, and 80% expect disruption of services and infrastructure resulting from cyberattacks.
The 5 risks most likely to occur according to experts:
1. Extreme weather events
2. Failure of climate-change mitigation and adaptation
3. Natural disasters
4. Data fraud or theft
5. Cyberattacks
The top 10 risks in terms of impact:
1. Weapons of mass destruction
2. Failure of climate-change mitigation and adaptation
3. Extreme weather events
4. Water crises
5. Natural disasters
6. Biodiversity loss and ecosystem collapse
7. Cyberattacks
8. Critical information infrastructure breakdown
9. Man-made environmental disasters
10. Spread of infectious diseases
Cyberattacks take 7th place and critical information infrastructure breakdown 8th, so both make it into the top 10.
Regarding technology, Børge Brende, the World Economic Forum's President, highlights that “Technology continues to play a profound role in shaping the global risks landscape. Concerns about data fraud and cyber-attacks were prominent again in the GRPS, which also highlighted a number of other technological vulnerabilities: around two-thirds of respondents expect the risks associated with fake news and identity theft to increase in 2019”. These concerns follow a 2018 marked by an increase in large-scale cyberattacks, breaches of states' IT security systems, massive data theft and the growing use of artificial intelligence to make cyberattacks ever more powerful.
Last September, Accenture published the study “Gaining Ground on the Cyber Attacker: 2018 State of Cyber Resilience”, which highlighted both a doubling of the number of cyberattacks suffered by companies (232 on average in 2018 versus 106 in 2017 worldwide) and an improvement in companies' ability to identify and counter them.
The number of attacks has more than doubled between 2017 and 2018…
This study deserves attention because it differs from many very alarmist reports. Not everything is perfect, in particular because of the ingenuity and increasing complexity of the attacks, but companies continue to improve their defensive capacity, have strengthened their cyber resilience and have held up despite the threats. Companies defend themselves better, particularly by detecting attacks much earlier.
… But where a third of the attacks were successful in 2017, the share of successful attacks fell to one in eight (12.5%) in 2018.
A report that blows hot and cold
Security teams have made great progress, but there is still more work to be done. Companies now prevent 87% of all targeted attacks, but still face two to three security breaches per month on average.
Companies might be cyber resilient in two to three years, but the pressure and the complexity of the threats increase every day. While 90% of respondents expect investment in cybersecurity to increase over the next three years, only 31% think it will be sufficient.
New technologies are essential, but investment is lagging behind. While 83% of respondents agree that new technologies are essential, only two out of five are investing in AI, machine learning and automation technologies.
Confidence in cybersecurity measures remains high, but a more proactive approach to cybersecurity is needed. More than 80% of respondents are confident in their capacity to monitor breaches, yet 71% say cyberattacks remain something of a black box: they do not know how or when they will affect their organisation.
Boards of directors and management are more engaged with cybersecurity: 27% of cybersecurity budgets are authorised by the board of directors and 32% by the CEO. The role and responsibilities of the CISO must evolve towards a more cross-functional position in the company.
5 steps to cyber resilience
Accenture highlights five steps to optimise companies' defences and move towards the ultimate aim of cyber resilience, in a world where new threat territories keep appearing (artificial intelligence, the omnipresence of the cloud, social networks, smartphones, the Internet of Things), where threats are ever more complex and difficult to counter, and where one need has become strategic: data protection.
Build a strong foundation by identifying high-value assets in order to protect them better, including from internal risks. Controls must be implemented throughout the company's value chain.
Test IT security by training cybersecurity teams in the techniques of the best hackers. Role-play exercises that pit an attack team against a defence team, with coaches, can bring out the points to improve.
Employ new technologies. Companies are advised to invest in technologies that can automate cyber defence, and in particular to use the new generation of identity management, which relies on multi-factor authentication and user behaviour monitoring.
Be proactive and anticipate threats by building a strategic team (“threat intelligence”) in charge of developing an intelligent security operations centre (SOC) based on collecting and analysing data at scale (a “data-driven approach”).
Evolve the role of the CISO (Chief Information Security Officer). The CISO is closer to the business lines, finds the right balance between security and risk-taking, and communicates more and more with executive management, which now holds 59% of the security budget versus 33% a year ago.
Conclusion
The Accenture study highlights companies' genuinely growing awareness of cyber threats and the investments made to protect themselves better. The race towards cyber resilience is now on, between ever more organised attackers and ever more sophisticated defence systems. See you at the end of the year to take stock of the forces involved.
As 2019 begins, we make three wishes for what promises to be an eventful year.
1. A better awareness of Internet governance.
At a time of international tensions, fake news and deliberate disconnections from the Internet, Internet governance should be on the table of diplomats, political decision-makers and strategic decision-makers. France, which shines in the world of embassies, should be able to take part in digital decisions. The appointment of Henri Verdier as Digital Ambassador is a good thing, and we hope that his knowledge of the private sector will be a real strength in his projects for France. France should take an interest in how ICANN, the body that coordinates IP addresses and domain names worldwide, operates. ICANN has recently been the subject of strong criticism over potential insider trading. The American desire to fully privatise ICANN by severing its links with the NTIA deserves everyone's attention.
2. ICANN has decided: a new opening of the root will soon take place. When? That remains a mystery. In the meantime, and so that the list of abandoned extensions does not keep growing, new uses must be found for the new extensions, whether open (.PARIS, .FOOTBALL, .ICU…) or closed (.MMA, .LECLERC, .BCG…). Today (and tomorrow), protecting a brand by owning a TLD is a definite advantage given the large number of open extensions. Owning a TLD can also open up new possibilities, as .BEST will announce at NamesCon at the end of the month (surprise!).
3. The third and last wish: to anticipate new uses of domain names. While the growth curve of domain name volumes is rising less steeply than before, the focus should be on the question of communication on the Internet. It seems necessary to make every imaginable domain name available for registration. This is where the Unicode Consortium comes in, an American entity that decides which characters can be integrated into IT standards. Let's follow the evolution of the characters integrated into Unicode to identify future domain name trends. Internationalised domain names were a real positive evolution for web users around the world, myself first of all, having an accented first name.
It is therefore very likely that emojis and other special characters will become the stars of the upcoming extensions. Soon the .♥.
These three wishes are part of our current work. For example, our participation in updating the methods for the financial and extra-financial valuation of intangible assets in the Thesaurus Capital Immatériel of the “Institut de comptabilité de l'immatériel” (Intangible Accounting Institute) aims to meet the need for the value of domain names to be recognised by financial managers.
Domain names are the first assets held by web users. We are fully aware of the responsibility that comes with managing them, and our recent developments in operational excellence (ISO 27001) are its new guarantors.
After the first change of cryptographic key last October, the old KSK (Key Signing Key) of the root zone will be revoked on January 11.
The process started in October 2018 to improve the security of the root zone, with the deployment of KSK-2017, reaches its conclusion with the revocation of the old root key, KSK-2010.
As Paul Hoffman, ICANN's Principal Technologist, indicates: “The ICANN organization does not expect problems with the revocation. However, this is the first time a KSK in the Domain Name System (DNS) root has been revoked, so the ICANN org and the DNS technical community will be watching carefully for at least 48 hours after the publication of the revoked KSK-2010.”
Note that during the October rollover, negative impacts were extremely limited: it seems that only two Internet service providers suffered interruptions during the process.
ICANN naturally encourages software vendors to stop shipping KSK-2010 in their products. ICANN should later publish a white paper on the full rollover process, including the lessons learned from this operation. The ICANN community will then be able to discuss possible future rollovers.
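What "revoking" KSK-2010 means on the wire is that the same key is republished with the RFC 5011 REVOKE bit set (flags 385 instead of 257), which also changes its key tag; a validating resolver that follows RFC 5011 drops the matching trust anchor when it sees that record. The script below is an added example written for this page, not ICANN's or any resolver's code: it parses presentation-format DNSKEY records, computes the RFC 4034 key tag and reports which configured trust anchors the zone has revoked. The DNSKEY records are constructed with tiny, invalid public keys so the arithmetic can be followed by hand; signature checking is left out.

```python
"""Recognising a revoked KSK in a DNSKEY RRset (the RFC 5011 REVOKE bit).

Added example for this page; it is not ICANN's, a resolver vendor's or the page's
own code. The DNSKEY records below are CONSTRUCTED with tiny, invalid public keys
so the key-tag arithmetic can be followed by hand; real root KSKs are 2048-bit
RSA (algorithm 8). RRSIG checking is deliberately out of scope.
"""
import base64

FLAG_ZONE = 0x0100    # bit 7: Zone Key
FLAG_REVOKE = 0x0080  # bit 8: REVOKE (RFC 5011)
FLAG_SEP = 0x0001     # bit 15: Secure Entry Point, set on KSKs

# Constructed RRset as a resolver might see it on revocation day: one KSK still
# live (flags 257), one KSK republished with REVOKE set (257 + 128 = 385), one ZSK.
SAMPLE_RRSET = [
    ". 172800 IN DNSKEY 257 3 8 AQI=",
    ". 172800 IN DNSKEY 385 3 8 AQM=",
    ". 172800 IN DNSKEY 256 3 8 AgA=",
]


def parse_dnskey(line):
    """Parse a presentation-format DNSKEY RR into (owner, flags, protocol, algorithm, pubkey)."""
    tokens = line.split()
    idx = tokens.index("DNSKEY")
    flags, protocol, algorithm = (int(t) for t in tokens[idx + 1:idx + 4])
    # The base64 key may be broken into several whitespace-separated chunks.
    pubkey = base64.b64decode("".join(tokens[idx + 4:]))
    return tokens[0], flags, protocol, algorithm, pubkey


def key_tag(flags, protocol, algorithm, pubkey):
    """Key tag per RFC 4034 Appendix B: a 16-bit checksum over the whole rdata.

    Because the flags are the first two rdata bytes, setting REVOKE changes the
    tag: KSK-2010 was published as 19036 and revoked as 19164 (+128).
    """
    rdata = flags.to_bytes(2, "big") + bytes([protocol, algorithm]) + pubkey
    ac = 0
    for i, byte in enumerate(rdata):
        ac += byte if i & 1 else byte << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def describe(flags):
    """Human-readable flag bits, e.g. 385 -> 'ZONE|SEP|REVOKE'."""
    bits = ((FLAG_ZONE, "ZONE"), (FLAG_SEP, "SEP"), (FLAG_REVOKE, "REVOKE"))
    names = [name for bit, name in bits if flags & bit]
    return "|".join(names) or "none"


def revoked_anchors(rrset_lines, trust_anchor_tags):
    """Map each configured trust-anchor tag to the tag it now carries with REVOKE set.

    An RFC 5011 resolver drops a trust anchor when the same key material reappears
    with the REVOKE bit (in an RRset signed by that key). The comparison is done on
    the key material with REVOKE cleared, because the revoked copy has a new tag.
    """
    revoked = {}
    for line in rrset_lines:
        _, flags, proto, alg, pubkey = parse_dnskey(line)
        if not flags & FLAG_REVOKE:
            continue
        original_tag = key_tag(flags & ~FLAG_REVOKE, proto, alg, pubkey)
        if original_tag in trust_anchor_tags:
            revoked[original_tag] = key_tag(flags, proto, alg, pubkey)
    return revoked


if __name__ == "__main__":
    anchors = {1291, 1292}  # tags of the two constructed KSKs as originally trusted
    for rr in SAMPLE_RRSET:
        _, flags, proto, alg, pubkey = parse_dnskey(rr)
        print(f"tag={key_tag(flags, proto, alg, pubkey):5d} flags={flags:3d} {describe(flags)}")
    print("trust anchors to remove:", revoked_anchors(SAMPLE_RRSET, anchors))
```

The practical check for an operator on revocation day is the same as the script's: query the root DNSKEY RRset, look for a record with flags 385, and confirm that the tag of that record with the REVOKE bit cleared is the anchor your resolver still lists; if the resolver has not removed it on its own, it is not doing RFC 5011 and the anchor must be cleaned out by hand.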
Following a violation of its anti-abuse policy, the .ME registry decided to suspend the Incels.me website for an indefinite period. As a reminder, the site hosts a forum for members who describe themselves as involuntarily single, or “incels”, and who discuss their daily lives there.
Disturbing comments, the source of the suspension
It was not without surprise that the administrators of the incels.me website saw their forum become inaccessible. The registry's investigations uncovered hate speech, threats of rape and even murder in the comments exchanged between participants. The decision to shut down the website was promptly taken on October 15th, 2018, because of content that violated the anti-abuse policy. According to the registry, this measure was taken to force the Incels.me administrators to take down the inappropriate content and to prevent hate speech from appearing on the forum again.
Incels.me website associated with attacks?
Last April, Toronto was the scene of a bloody attack in which a man killed 10 people with a vehicle. Before attacking, the man posted a message on social networks declaring himself an “incel”. It was only after the investigation that the police discovered that the killer had been inspired by violent content from the Incels.me forum. The link was quickly made between the individual and the content inciting hatred, and also rape, exchanged on the forum.
Incels.me financed by a Chinese giant with suspicious activities
Inquiries into the website made it possible to trace its main financial backer. Thanks to these investigations, we now know that the incels.me website is financially supported by a large Chinese entity that also owns more than 54,000 other domain names. The investigators were shocked by the potentially illicit nature of the activities of this company, ZhuHai NaiSiNike Information Technology Co.: of the thousands of domain names registered, most are involved in hosting websites that illegally sell prescription drugs.
Despite requests to remove the abusive comments on the incels.me forum, the Chinese company did not do so. The website will therefore remain suspended until the offending content is removed.
As part of the fight against insecurity on the web, DNS Belgium, the .BE registry, has decided to step up its action by cooperating with the FPS Economy [the FPS Economy, SMEs, Self-Employed and Energy is a Federal Public Service of Belgium responsible for contributing to the development, competitiveness and sustainability of the market for goods and services in Belgium] in order to shut down fraudulent websites within 24 hours.
Philip Du Bois, general manager of DNS Belgium indicates: “This protocol will enable us to take even more targeted action, together with the FPS Economy, against possible abuses where .be domain names are involved. It underscores our ambition for a high quality and safe .be zone which serves as suitable environment for the further development of the Internet.”
The aim: to guarantee consumers completely safe browsing on .BE websites.
This procedure will ensure a much faster reaction. Until now, the FPS Economy could not ask the registry to block a domain on the basis of its content; moreover, fraudulent websites with correct identification data (or at least data whose falsification could not be proven) were untouchable. Blocking required a request from the public prosecutor, a two-week procedure that left the fraudulent website plenty of time to cause serious damage to consumers. Several hundred such websites per year were concerned!
From December 1st 2018, the protocol allows DNS Belgium, at the request of the FPS Economy, to block .BE domain names which:
Are used for fraudulent websites
Host phishing websites
Of course, this procedure will only be applied in cases of serious offences.
The owner of the blocked domain name will have two weeks to contest the blocking. Without any action on their part within 6 months, the blocked name will expire.
This still too rare initiative is to be welcomed in the context of the fierce fight against cybercrime!
The European General Data Protection Regulation (GDPR) came into effect on 25th May 2018, and its impact on the management of your SSL certificate portfolio is far from neutral.
Until now, all Certification Authorities relied on the WHOIS of the domain name to be certified to validate that the certificate applicant has the agreement of the domain name's technical operator.
To validate an order, one of the authentication steps involved sending an email to one of the email addresses (admin or technical contact) found in the WHOIS.
However, the GDPR has left its mark: registrars no longer have the right to publish domain name owners' personal data without the owner's explicit consent. This means that the WHOIS database can no longer be used by Certification Authorities to send out validation emails.
Faced with this situation, the Certification Authorities propose by default to send domain validation emails to one of the following generic addresses at the domain name: admin@, administrator@, webmaster@, postmaster@ or hostmaster@.
What if none of these addresses exist, or they are too complicated to create?
There is an alternative. The Certification Authorities can validate that you have the agreement of the domain name's technical operator by checking for a TXT record in the DNS zone of the domain name to be certified.
By verifying the presence of this TXT record, the Certification Authority can:
issue the certificate if it is a simple DV (Domain Validation) certificate
continue to the next authentication steps if it is an OV (Organization Validation) or EV (Extended Validation) certificate.
Even so, the GDPR is changing the game and having a significant impact on the SSL industry.
If the generic email validation method is not possible and the TXT record method has to be used, certificate processing times will indeed increase.
What are the benefits of using Nameshield to manage your SSL certificate portfolio?
As a registrar, Nameshield offers its SSL clients a unique advantage on the market.
Nameshield carries out a pre-authentication process before each order reaches the Certification Authority. This makes it possible to anticipate any blocking factors and, if necessary, to act quickly to resolve them:
Modification of a WHOIS
Editing the zone to set up a TXT record (if the DNS servers are Nameshield's)
Creation of the aliases admin@, administrator@, webmaster@, postmaster@ and hostmaster@ (if the MX servers are Nameshield's)
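The TXT-record method described above, and the pre-authentication check that catches a badly published record before the order reaches the CA, come down to one question: does a TXT record at exactly the owner name the CA asked for carry exactly the value it handed out? The script below is an added example written for this page, not Nameshield's or any CA's code. It parses a zone-file fragment the way a resolver would see it (handling $ORIGIN, "@", relative names and TXT rdata split across several quoted strings), checks for the token and explains a failure. The owner label "_ca-validation" and the token are assumptions: each CA tells you the exact name and value to publish (the ACME dns-01 challenge, for instance, uses "_acme-challenge"). The zone snippet is constructed.

```python
"""Pre-checking a CA domain-validation TXT record before submitting the order.

Added example for this page; it is not Nameshield's or any CA's code. The owner
label "_ca-validation" and the token are ASSUMPTIONS: each CA tells you the exact
name and value to publish. The zone snippet below is constructed.
"""
import re

GENERIC_LOCAL_PARTS = ("admin", "administrator", "webmaster", "postmaster", "hostmaster")

# Constructed zone: an SPF record at the apex, the validation token split across
# two quoted strings (legal, and must be joined), and a copy at the wrong label.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@               3600 IN TXT "v=spf1 -all"
_ca-validation   300 IN TXT "3f1c0d2e" "a9e27b51"
shop            3600 IN TXT "3f1c0d2ea9e27b51"
"""
TOKEN = "3f1c0d2ea9e27b51"          # assumed value handed out by the CA
VALIDATION_LABEL = "_ca-validation"  # assumed owner label required by the CA

_QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')


def parse_txt_records(zone_text):
    """Return {fqdn_with_trailing_dot: [txt values]} from a zone-file fragment.

    Handles $ORIGIN, "@", relative owner names and multi-string TXT rdata;
    other record types and comment lines are skipped.
    """
    origin = "."
    records = {}
    for raw in zone_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        head, quote, rest = line.partition('"')  # owner/ttl/class/type precede the first quote
        fields = head.split()
        if not quote or "TXT" not in fields:
            continue
        owner = fields[0]
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"
        chunks = _QUOTED.findall(quote + rest)
        value = "".join(c.replace('\\"', '"').replace("\\\\", "\\") for c in chunks)
        records.setdefault(owner.lower(), []).append(value)
    return records


def _fqdn(name):
    """Normalise a name for comparison: lower-case, exactly one trailing dot."""
    return name.lower().rstrip(".") + "."


def has_validation_record(records, name, token):
    """True when a TXT record at `name` carries exactly `token`, as the CA would check."""
    return token in records.get(_fqdn(name), [])


def diagnose(records, name, token):
    """Explain why the CA's lookup would fail: missing record, wrong label, or wrong value."""
    key = _fqdn(name)
    values = records.get(key)
    if values is None:
        elsewhere = [n for n, vs in records.items() if token in vs]
        if elsewhere:
            return f"token found at {elsewhere[0]} instead of {key}"
        return f"no TXT record at {key}"
    if token in values:
        return "ok"
    return f"TXT at {key} present but values {values} do not match the token"


def generic_validation_addresses(domain):
    """Mailboxes a CA accepts for email validation when WHOIS contacts are redacted."""
    return [f"{local}@{domain}" for local in GENERIC_LOCAL_PARTS]


if __name__ == "__main__":
    recs = parse_txt_records(SAMPLE_ZONE)
    target = f"{VALIDATION_LABEL}.example.com"
    print(target, "->", diagnose(recs, target, TOKEN))
    wrong = f"{VALIDATION_LABEL}.www.example.com"
    print(wrong, "->", diagnose(recs, wrong, TOKEN))
    print("fallback mailboxes:", generic_validation_addresses("example.com"))
```

Two things this catches that a visual check of the zone often misses: a relative owner name that ends up under the wrong origin (the CA then sees no record at the name it asked for), and a token split into several quoted strings, which is valid but only matches once the strings are concatenated in order. Run it against the zone you are about to publish, then against the live answer of an external resolver, since the CA queries from outside and stale secondaries or propagation delay produce the same "no record" failure.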
Phishing is cybercriminals' preferred means of hijacking users' data: they pose as a trustworthy company and encourage users to hand over personal information. We tend to think this technique is reserved for hackers trying to steal banking or highly sensitive information, and yet!
Source : mohamed_hassan via Pixabay
An American student at Ygnacio Valley High School, in California, had fun producing an identical copy of the website on which his teachers log in to enter marks and comments. He then emailed his teachers asking them to log in to the fake school interface, which looked exactly like the original. He could thus retrieve their login IDs and passwords, which he used to raise his own grades and lower his classmates'.
Identified through his computer's IP address, the student was expelled from school and arrested by the police; he said that what he had done was “as easy as stealing candy from a baby”.
Although the consequences were fairly light, this attempt at data corruption highlights how easy it is to access this means of hacking. Today, phishing is one of the most popular methods and the easiest to implement. Web users, unaware and fooled by the similarity, consequently hand over personal, sometimes very sensitive, data.
Good news has just arrived: Webstresser.org, one of the websites responsible for millions of DDoS attacks, has been dismantled. This shutdown was made possible by Europol's active intervention.
As a reminder, a DDoS (distributed denial of service) is a cyberattack that floods servers with requests so that the websites hosted on them can no longer serve web users.
Many countries hand in hand to dismantle the network
According to the UK National Crime Agency's research, Webstresser.org was used by hackers to launch almost 4 million attacks around the world. Its victims include many British banks.
To carry out this large-scale operation, five countries, Croatia, Scotland, Canada, the Netherlands and Serbia, contributed their best police officers to assist Europol.
Although the operation was international, the German, Dutch and American authorities were in charge of closing the website for good. Its operators can no longer access it, and a seizure notice left by the US Department of Defense now serves as its home page.
Heavy penalties for the hackers
The shutdown of webstresser.org also led to a wave of arrests in several countries, including Scotland, Croatia and Serbia. Under French law, a cyberattack is a criminal offence and the penalties are severe: if the attack targets individuals, the hacker or hackers can be sentenced to 5 years' imprisonment and a fine of 150,000 euros; if it affects the State or its institutions, the penalty can go up to 7 years' imprisonment and a fine of 300,000 euros.
Following this major haul, Europol spokeswoman and operations coordinator Claire Georges announced that measures will be taken against all users of the website around the world and that arrests are to be expected.
We have learned from the press that Swaziland is changing its name at the will of its monarch.
Indeed, this small southern African country had not changed its name since decolonisation, fifty years ago. It will soon be known as eSwatini, the land of the Swazi. While this is mostly a geopolitical matter, it could have an impact on the country's code in the ISO 3166-1 alpha-2 standard, and therefore on its extension; a situation similar to that of Kazakhstan, already discussed on this blog.
A new example highlighting the importance of a country's stability in the choice of an extension used for active communication.