Indeed, it was reported that cybercriminals are increasingly abusing the most popular cloud apps for cloud phishing and cloud malware delivery. It then warns that enterprises that are using the cloud quickly modernize and extend their security architectures.

Moreover, it was also found out that now up to 61% of all malware are delivered via a cloud app, which is an increase of 48% year-over-year. With cloud apps becoming more and more popular, it makes enterprises a target for phishing attacks and campaigns.

Besides, the volume of malicious Microsoft Office documents has increased by 58%, with cybercriminals using more malicious Office documents as Trojans to deliver next stage payloads, including ransomware and backdoors. With the new work from home system, more users are accessing personal app instances on corporate devices, thus increasing the risks of data being targeted.

The post New research revealed that the majority of malware are delivered via cloud apps appeared first on DevOps Online North America.

The report said: “A large majority of these compromises are the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services.”

According to the post, over two-thirds of Azure attacks came from IP addresses, with 32.5% from the US and 35.1% from China.

The remainder of attacks compromised 116 countries and regions, with Korea only representing 3.1% of attacks.

“Cloud services such as Microsoft Azure are perennial targets for attackers seeking to compromise virtual machines and other services, and these attacks are taking place across the globe,” the report said.

The highest ransomware rates occurred in Europe, with the Czech Republic representing 0.17% of all attacks, and Italy, Hungary and Spain similarly represented 0.14%.

The lowest ransomware encounter rates occurred in Japan (0.012%), China (0.014%), and the United States (0.02%), according to the report.

The report added: “Microsoft recommends that victims of ransomware infections do not pay the so-called fine.

“Ransomware is distributed by malicious attackers, not legitimate authorities, and paying the ransom is no guarantee that the attacker will restore the affected computer to a usable state.”

The report also documented the rise of ransomware, noting that the trend itself has been felt in different degrees based on geographic location.

Written by Leah Alger

The post Microsoft cloud users experience a 300% cyber attack increase appeared first on DevOps Online North America.

The findings show that careless or uninformed employees are most likely to cause a cyber security incident, whilst malware is continuously becoming more sophisticated.

Studies show that a careless accountant could easily open a malicious file disguised as an invoice, as 28% of attacks were targeted on businesses throughout last year through social engineering and phishing.

“Cybercriminals often use employees as an entry point to get inside the corporate infrastructure. Phishing emails, weak passwords, fake calls from tech support — we’ve seen it all. Even an ordinary flash card dropped in the office parking lot or near the secretary’s desk could compromise the entire network — all you need is someone inside, who doesn’t know about, or pay attention to security, and that device could easily be connected to the network where it could reap havoc,” said David Emm, Principal Security Researcher at Kaspersky Lab.

It appears that staff would prefer to put its organisation at risk rather than report the problem, in case of embarrassment or punishment.

‘Careless employees cause 53% of incident’

The research shows that even where malware is concerned, careless employees cause 53% of incidents.

Slava Borilin, Security Education Programme Manager at Kaspersky Lab said: “The problem of hiding incidents should be communicated not only to employees, but also to top management and HR departments.”

Adding: “If employees are hiding incidents, there must be a reason why. In some cases, companies introduce strict, but unclear policies and put too much pressure on staff, warning them not to do this or that, or they will be held responsible if something goes wrong. Such policies foster fears, and leave employees with only one option — to avoid punishment whatever it takes. If your cyber security culture is positive, based on an educational approach instead of a restrictive one, from the top down, the results will be obvious.”

35% of businesses are hoping to improve security through delivering training to staff, and 43% want to deploy more sophisticated software.

Written from press release by Leah Alger

Read more from DevOps Online | Follow us on Twitter

The post ‘Employees make businesses vulnerable’ says report appeared first on DevOps Online North America.

New ChatOps tool

Writing in the streaming service’s tech blog, senior engineers Michael Grima, Andrew Spyker and Jason Chan, introduced HubCommander, a ChatOps tool for GitHub management.

Netflix uses GitHub extensively for both open source and internal projects. The engineering team at Netflix highlighted some key challenges, particularly related to user management.

“Management of many users on GitHub can be a challenge without tooling. We needed to provide enhanced security capabilities while maintaining developer agility.”

“To reduce complexity, we enforce a consistent permissions model across all of our organizations. This allows us to develop tools to simplify and streamline our GitHub organization administration.”

Why ChatOps?

The Netflix approach leverages ChatOps, which utilises chat applications for performing operational tasks.

Increasingly popular amongst developers, ChatOps leverages chat tools that are ubiquitous, provide a single context for what actions occurred when and by whom, and also provide an effective means to provide self-serviceability to developers.

Security in GitHub organisations

Security is paramount for Netflix, and the company follows a permissions model that applies the principle of least privilege, but is still open enough so that developers can obtain the access they need and move fast.

“While we permit our developers to have write access to all of our repositories, we do not directly permit them to create, delete, or change repository visibility.”

Additionally, all developers are required to have multi-factor authentication enabled. All of our developers on GitHub have their IDs linked in our internal employee tracking system, and GitHub membership to our organizations is removed when employees leave the company automatically (we have scripts to automate this).”

Netflix also enables third-party application restrictions on its organisations to only allow specific third party GitHub applications access to its repositories.

Contributions from the developer community

“If you’d like to extend these features, we’d love contributions to our repository on GitHub,” the Netlix engineers said.

Stethoscope, Netflix’s first project following a user focused security approach

In another blog post, Jason Chan, Director of Engineering – Cloud Security at Netflix, discusses the open sourcing of Stethoscope, a web application that collects information for a given user’s devices and gives them clear and specific recommendations for securing their systems.

“The notion of ‘User Focused Security’ acknowledges that attacks against corporate users (e.g., phishing, malware) are the primary mechanism leading to security incidents and data breaches, and it’s one of the core principles driving our approach to corporate information security. It’s also reflective of our philosophy that tools are only effective when they consider the true context of people’s work,” Chan said.

Education, not automatic enforcement

The reasoning behind Stethoscope is primarily education and helping employees stay safe from phishing, malware, and other exploits on personal devices – outside of Netflix’s direct control.

“If they fall for a phishing attack on their personal laptop, that may be the first step in an attack on our systems here at Netflix,” Chan said.

Edited from sources by Cecilia Rehn.

The post Netflix open sources ChatOps tool for GitHub management and user focused security web application appeared first on DevOps Online North America.