Author: Ilia Kolochenko

Japan being hit by another cryptocurrency heist with $60 million stolen. Ilia Kolochenko, CEO and Founder at High-Tech Bridge: “Unfortunately, even the harsh regulation of crypto markets is no silver bullet. Digital coins are extremely attractive for cybercriminals who can easy launder them and convert into spendable cash, even inspite of some losses due to “transactional commissions”. Most of these operations remain technically untraceable and undetectable, granting an absolute impunity to the attackers. Thus, cybercriminals will readily invest into additional efforts to break in, even if security is properly implemented and maintained. Compliance does not necessarily mean security – major data…

Garter’s Magic Quadrant (MQ) 2015 for Web Application Firewalls (WAF) estimates that the global WAF market size is as big as $420 million, with 24 percent annual growth, making a Web Application Firewall one of the most popular preventive and/or detective security controls currently being used for web applications. PCI DSS 3.1 requirement 6.6 suggests WAF deployment as an alternative to vulnerability scanning while ISACA’s “DevOps Practitioner Considerations” includes WAF in the 10 key security controls that companies need to consider as they embrace DevOps to achieve reduced costs and increased agility. Nowadays, a number of large and midsize companies offer various WAF solutions,…

If you speak with management about money – speak their language and you will definitely get what you need. Almost eight years ago, Bruce Schneier wrote a great article about the problems of ROI calculation for cybersecurity spending within organizations. Since then, both annual spending on cybersecurity and the cost of global cybercrime have significantly increased. Despite that organizations increased their information security budgets by 24 percent in 2016, many security officers still have to justify to their management every extra thousand spent on cybersecurity. Traditionally, Europe is more conservative than US, and many more European security officers are asked to reduce their initial…

Vulnerable web application is just one of the great gifts left for hackers, as it significantly reduces their time, cost and efforts to get into corporate network. So why do companies fail to secure their web apps? There are many ways hackers can get at your Web site and data, but in many of the most recent major data breaches the common weak link has been vulnerable web applications. Despite that many companies still underestimate the importance of web application security in their cybersecurity and risk management strategy. According to PwC’s Global State of Information Security Survey 2016, in 2015…

Growing DDoS attacks more and more frequently try to distract incident response teams in order to hide much bigger security incidents. During this year alone, many security companies have announced a significant increase of DDoS attacks, highlighting growth of their diversity, complexity and quantity. The main resources, usually targeted by the attackers, are web applications or websites. The main victims of DDoS blackmail are banks and financial institutions that own business-critical banking and trading web platforms, downtime of which is very expensive for the victims. However, in some cases a DDoS attack is just a smoke screen to distract IT…

I have been asked by several friends who are CISOs within different organizations if Capture the Flag (CTF) experience makes any difference in how I evaluate incoming CVs for internal IT security auditor or similar positions. This complicated question is also one that I ask myself each time I consider incoming CVs for new penetration tester vacancies that we have. According to ISACA’s State of Cybersecurity: Implications for 2015 report, 72.33% of respondents said that the biggest skill gap in today’s security professionals is ability to understand the business. Another interesting fact from the survey is that the majority of…

With today’s security risks constantly changing, current web solutions may not be as effective as companies think. Not only do businesses have to compete with other vendors, they also face threats from cyber criminals looking to take advantage of security vulnerabilities they have failed to detect and patch. One answer to cyber threats is continuous monitoring, which is becoming a very popular term, both among security vendors and CISOs. In a constantly changing and hostile network environment where new zero-day exploits appear  regularly, continuous monitoring of your organization’s infrastructure is essential. The main role of continuous monitoring is to keep…

The term “Advanced Persistence Threat” fills news pages on a regular basis. According to ISACA APT Awareness Study, 93.6 per cent of respondents consider APTs to be a “very serious threat” for their companies. However, many “APT” attacks, do not really fall under the ‘advanced’ category in terms of the attackers’ sophistication. A very recent exploit, combined with phishing or newly registered domains are rather “low-cost APTs”, for which we should probably introduce the new term “LCAPT” or just “LAPT” to distinguish these from genuine APTs. Genuine APTs usually involves exclusive zero-day exploits, custom-made malware, complicated techniques of data exfiltration to…

What is the relation between growing security spending, increasing hacking attacks and falling economy? Have you ever thought how the global economy and geopolitics influence cybersecurity and cybercrime? Some people may think these are two completely different domains, however they are strongly and permanently related. An interesting example came up during our recent security awareness project at a large, Central European financial institution. The institution was concerned about a significant increase in hacking attempts that involved social engineering and spear phishing campaigns. The security awareness training for all of the employees was validated with a social engineering attack against all employees to…

Ilia Kolochenko of High-Tech Bridge weighs in on the growing threat of ransomweb attacking businesses’ website server.