ARCHIVE FOR THE ‘f-secure’ CATEGORY

Cyber security provider F-Secure launched F-Secure Elements: a new cloud-based platform that streamlines how organizations provision cyber security services.

Available from F-Secure’s service partners with fixed-term license subscriptions, or usage-based billing for greater flexibility, F-Secure Elements empowers organizations to pick cyber security services on terms that accommodate their needs.

Many organizations operate in complex environments dominated by a range of dynamic risks and opportunities. Keeping these complexities in mind, as well as the rising costs of security and the lack of experienced security professionals, it’s no surprise that an overwhelming number of organizations want to simplify how they source cyber security capabilities.

F-SECURE ELEMENTS IS THE FIRST CLOUD-BASED PLATFORM CREATED TO EMPOWER ORGANIZATIONS WITH FAST, FLEXIBLE, AND EASY ACCESS TO CYBER SECURITY SERVICES.

F-Secure Executive Vice President of Business Security Juha Kivikoski says these demands are driving a shift toward providing cyber security as services rather than products.

“Even with updates, products are static and can’t adapt fast enough to keep up with threats, or businesses, as they evolve. Services help businesses stay agile and are more cost-effective when delivered right, which is why the future of our industry is in delivering everything as a service,” he explained. “Having a platform designed for the servitization of cyber security can help organizations get better protection, which is why simplicity and flexibility are F-Secure Elements’ core design principles.”

F-Secure Elements is a modular platform that combines endpoint protection, endpoint detection and response, vulnerability management, and collaboration protection for cloud services (such as Microsoft Office 365).

F-Secure Elements’ key capabilities and benefits include:

• Comprehensive situational awareness and meaningful visibility across assets, configurations, vulnerabilities, threats, and events.
• Streamlined and autonomous operations to ensure efficient workflows and faster responses to real threats.
• Real-time, connected data flow between elements to enable faster detection of threats.
• Intelligent, extended detection and response capabilities for data-informed decisions.
• On-demand option to elevate difficult cases to F-Secure experts.

Usage-based pricing simplifies path to growth

A recent Forrester report emphasized the increasing importance for flexibility and usage-based pricing*: "During the pandemic, many clients became frustrated when vendors wouldn't lower license usage below baselines, even though the organization's usage had dropped off because of staff furloughs. Examine contracts and ask for flexibility to alter the licensing baseline under certain conditions and for the ability to carry forward unused license entitlements into the next year without additional charge."

With the transparency on usage provided via F-Secure Elements’ detailed invoicing for usage-based billing, organizations can make informed decisions on how to control security investments to prevent paying for idle licenses, or services they don’t need.

“Usage-based pricing helps organizations develop and adjust their security capabilities to focus on outcomes, and move from ownership to usership,” said Kivikoski.

F-Secure Elements was launched at SPECIES, F-Secure’s annual global partner conference. Video is available here: https://www.youtube.com/watch?v=axLDbj1_Nb4.

More information on F-Secure Elements is available here: https://www.f-secure.com/elements.

*Source: Forrester: How To Save Money In Security Software Negotiations: Techniques For Preparing For And Conducting Security Software Negotiations To Increase Value. Paul McKay, Sean Ryan, and Mark Bartrick, October 13, 2020.

Further Reading:

• Read more about Servitization @ www.fieldservicenews.com/servitization-and-advanced-services
• Read more about Cyber Security @ www.fieldservicenews.com/cyber-security
• Learn more about F-Secure @ www.f-secure.com
• Read more about F-Secure on Field Service News @ www.fieldservicenews.com/f-secure
• Follow F-Secure on Twitter @ twitter.com/FSecure

F-Secure report documents ransomware getting more fearsome, but there’s reason for optimism...

Cyber criminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A new report from cyber security provider F-Secure, Attack Landscape H2 2019, documents a steep increase in attack traffic in 2019 that was unmatched by previous years.

F-Secure's global network of honeypots saw 2.8 billion attack events in the second half of the year. After 2.9 billion in the first half of the year, the yearly total rings in at 5.7 billion attacks. For comparison, 2018 saw just over 1 billion attacks, while 2017 saw 792 million.

Traffic was dominated by attacks hitting the SMB protocol, indicating attackers are still very much interested in using worms and exploits related to Eternal Blue. Telnet traffic and attacks hitting SSH were also high, indicating continued, high attacker interest in IoT devices. Malware found in the honeypots was dominated by various versions of Mirai.

While ransomware spam was observed to have dropped during the course of the year, ransomware itself became more targeted and impactful, inflicting greater damage, targeting enterprises, and demanding sums in the hundreds of thousands of dollars. Modular malware employed a range of tricks, one of which was dropping ransomware as a second stage payload.

The report also features a look back at the past ten years of information security, a decade marked by spates of breaches, the emergence of nation state malware, and devastating supply chain attacks. But going forward, there is reason for optimism, says Mikko Hypponen, Chief Research Officer at F-Secure.

“The last decade was pretty bad for information security, but the next one will be better,” says Hypponen. “It doesn't always look like it, but we are getting better. In the middle of news on major breaches and data leaks, it might look like it's getting worse, but it isn't. If you look at the level of security tools we were using in 2010 and today, it's like night and day. We are going in the right direction.”

F-Secure’s experience working with operators is a critical asset to help telecommunications sector tackle connected home security challenges.

F-Secure will contribute to industry standard group to grow momentum around security and privacy around Connected Home and  Home Broadband.

F-Secure discovers security flaw with the potential to turn hundreds of thousands of load balancers into beachheads for cyber attacks.

Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, to address security issues in some common configurations of the product. Adversaries can exploit these insecurely configured load balancers to penetrate networks and perform a wide variety of attacks against organizations, or individuals using web services managed by a compromised device.

The security issue is present in the Tcl programming language that BIG-IP’s iRules (the feature that BIG-IP uses to direct incoming web traffic) are written in. Certain coding practices allow attackers to inject arbitrary Tcl commands which could be executed in the security context of the target Tcl script.

Adversaries that successfully exploit such insecurely configured iRules can use the compromised BIG-IP device as a beachhead to launch further attacks, resulting in a potentially severe breach for an organization. They could also intercept and manipulate web traffic, leading to the exposure of sensitive information, including authentication credentials and application secrets, as well as allowing the users of an organization’s web services to be targeted and attacked.

In some cases, exploiting a vulnerable system can be as simple as submitting a command or piece of code as part of a web request, that the technology will execute for the attacker. To make matters worse, there are cases where the compromised device will not record the adversaries’ actions, meaning there would be no evidence that an attack took place. In other cases, an attacker could delete logs that contain evidence of their post-exploit activities – severely hindering any incident investigations.

“This configuration issue is really quite severe because it’s stealthy enough for an attacker to get in, achieve a wide variety of objectives, and then cover their tracks. Plus, many organizations aren’t prepared to find or fix issues that are buried deep in software supply chains, which adds up to a potentially big security problem,” explains F-Secure Senior Security Consultant Christoffer Jerkeby. “Unless you know what to look for, it’s tough to foresee this problem occurring, and even harder to deal with in an actual attack.”   

Jerkeby discovered over 300,000 active BIG-IP implementations on the internet during the course of his research, but due to methodological limitations, suspects the real number could be higher. Approximately 60 percent of the BIG-IP instances he found were in the United States.  

The coding flaw and class of vulnerability is not novel and has been known, along with other command injection vulnerabilities in other popular languages, for some time. Not everyone using BIG-IP will be affected, but the load balancer’s popularity amongst banks, governments, and other entities that provide online services to large numbers of people, combined with the relative obscurity of the underlying security issues with Tcl, means any organization using BIG-IP needs to investigate and assess their exposure.

“Unless an organization has done an in-depth investigation of this technology, there’s a strong chance they’ve got this problem,” continues Jerkeby. “Even someone incredibly knowledgeable about security that works at a well-resourced company can make this mistake. So, spreading awareness about the issue is really important if we want to help organizations better protect themselves from a potential breach scenario.”

F-Secure’s research highlights the broad range of threats facing the global finance industry.