[New report] “Cyber-insurance: cyber risk transfer in Spain”

Friday, April 29, 2016

Yesterday we presented to the media and industry analysts the first report on the cyber risks transfer through cyber policies in Spain, prepared in conjunction with THIBER. It took place in the IE University’s Aula Magna, Madrid. Some of the most important companies in technology, insurance and consulting sectors such as AIG, AON, K2 INTELLIGENCE, MARSH, MINSAIT and TELEFÓNICA in collaboration with the IE University, took part in its production.

This document study was conducted with the aim of meeting a market need to manage cybersecurity risk through insurance protection.

» Download now the full report from our web ElevenPaths

The new threats related to the digital environment, the interconnectivity and the digitization of the Spanish business network prove the need for paradigm shift. The cyber security and risk consultancy providers, the public administration, the insurance sector itself, as well as the rest of the business sector should advocate the cyber incidents integral management, which according to data from INCIBE, increased 180 percent in Spain in 2015 alone.

Thus, there must be a continuous collaboration between the emergency departments of insurance companies, specialized technology companies and ICT departments of insured companies. For that, it will be essential to have a document that would serve as a based on analysis up-to-date tool, and, at the same time, would gather up common work proposals. This is where this new report will become the reference document for the immediate future.

The overall message of the event pointed at Spanish cybersecurity market as a booming market, offering products that improve cybersecurity both at corporate and the administrational level and, there is no doubt that it will give plenty to talk about in the short and medium term. It is the responsibility of all stakeholders to ensure its consolidation.

» Download now the full report “Cyber-insurance: cyber risk transfer in Spain″

More information:

Mobile Threat Protection

Thursday, April 28, 2016

The agreement between Eleven Paths and Check Point on commercialization and technological integration allows Telefonica to complement its Enterprise Mobility Management (EMM) solution with the most advanced mobile protection service.

At ElevenPaths we strongly believe that the only viable Information Security is one that protects all breaches of the corporate perimeter. When criminal organizations attack a corporation, they try to make their way successively to all entry-points in order to break any possible barrier. Hence, the security of the whole system is equal to the security of its weakest front. The security strategies that don´t shield against all possible attack vectors are completely useless versus advanced attacks.

This is the principle that guided us when developing our mobile security service product during the last months. We have implemented two confluent lines of work: on one hand, the capabilities improvement of our product Tacyt; on the other hand a thorough market research looking for the most forward-looking security technology which would meet all and each one of our demanding requirements (depicted in the diagram below) and which would naturally adjust itself to our products and services ecosystem.

We are convinced that the Mobile Threat Protection Service of Telefonica integrated into our Enterprise Mobility Management (EMM) suite is the best and the most comprehensive protection in the world. This service is disruptive for the following reasons:

  • It protects against the three mobile vectors attack. Most of the mobile security solutions are incomplete since they are only able to detect malicious applications, being ineffective against device or network attacks.
  • Behavioural Adaptive Security Analysis. In mobile context, the speed of attacks is almost instantaneous and malware mutation is fast. This has made it undetectable for traditional signature-based antivirus. Therefore MTP includes patented algorithms of behavioural analysis that, in combination with the advanced correlation from Tacyt, allows to detect zero-day attacks
  • Automatic triggering of quarantine policies. The answer to an attack can´t wait. For that reason MTP is integrated with the Telefonica MDM service to immediately trigger quarantine actions in order to isolate all at-risk devices and prevent information theft and lateral movements.
  • A built-in user-friendly service which ensures enterprise productivity. MTP is one more component of the Enterprise Mobility Management (EMM) suite of Telefonica. Thanks to the suite, the Telefonica clients have a single access point for corporate mobility services: connectivity, telecom expenses management, mobilization and productivity processes, mobile device management, and, of course, advanced security. It is also possible to hire some efficient professional services to which delegate the aforementioned services management.
To conclude, we strongly believe that our clients benefit from the best mobile security service available on the market.

*It may be of your interest:

Francisco Oteiza Lacalle

ElevenPaths and Check Point Software Technologies provide joint Mobile Protection Services Globally

Friday, April 22, 2016

Joint offering protects iOS® and Android® smartphones and tablets used in businesses of any size from the cyberthreats that proliferate the worldwide mobile ecosystem.

Madrid, April 22, 2016.- ElevenPaths, a Telefónica company specializing in development of innovative security solutions and Check Point® Software Technologies Ltd. (NASDAQ: CHKP), the largest network cyber security vendor globally, today announced will be a provider of Check Point mobile security technologies for Telefónica corporate customers worldwide.

The agreement between Check Point and ElevenPaths provides Telefónica customers with a suite of mobile security services including Check Point Mobile Threat Prevention and complementary security products developed by ElevenPaths. This new offering will be part of the corporate mobility services Telefónica provides globally today, offering:
  • Protection against the three main vectors of mobile attacks including malicious applications, network attacks and attacks to devices’ operating systems.
  • Visibility and intelligence into the threat landscape of an organization’s entire mobile deployment.
  • Simple and transparent management of enterprise mobile security, while ensuring privacy.

“The Telefónica mobile security and mobility management solution facilitates day-to-day in business communications, guaranteeing productivity and protecting employee devices at all times,” said Pedro Pablo Pérez, vice president of products and services, ElevenPaths. “This agreement provides our customers with unparalleled mobile security with a joint product that combines Check Point Mobile Threat Prevention with Tacyt, a cyber-intelligence mobile threat tool developed by ElevenPaths.”

Check Point researchers continue to see a dramatic escalation in the number and sophistication of targeted attacks on mobile devices worldwide. Attacks like these can make business use of smartphones and tablets a significant risk to the security of sensitive enterprise data accessed on mobile devices.

“We believe mobile devices are the weakest link in corporate security today, leaving businesses susceptible to data leakage and network attacks,” said Amnon Bar-Lev, president, Check Point. “This agreement is a key part of protecting today's businesses, and we’re looking forward to working with Telefonica and Eleven Paths to protect businesses around the world from these threats.”

With this offering, Check Point and ElevenPaths will deliver cutting-edge security for Telefonica customers through integration with ElevenPaths technology, which make it possible for security analysts to identify behavioral patterns displayed by criminal organizations.

» Download press release

For further information:

ElevenPaths y Check Point Software Technologies ofrecemos servicios conjuntos de seguridad móvil

La oferta protegerá smartphones y tabletas iOS® y Android® utilizados en negocios de cualquier tamaño de las ciberamenazas que proliferan en el ecosistema móvil mundial.

Madrid, 22 de abril de 2016.- ElevenPaths, la empresa especializada en el desarrollo de soluciones innovadoras de seguridad de Telefónica y Check Point® Software Technologies Ltd. (NASDAQ: CHKP), el mayor proveedor mundial especializado en seguridad, anunciamos hoy que ElevenPaths será proveedor de las tecnologías de seguridad móvil de Check Point para los clientes corporativos de Telefónica en todo el mundo.

El acuerdo entre Check Point y ElevenPaths ofrece a los clientes de Telefónica un conjunto de servicios de seguridad móvil que incluyen la solución Mobile Threat Prevention de la primera, así como productos complementarios desarrollados por la segunda. Esta nueva oferta será parte de los servicios de movilidad corporativa que Telefónica ofrece actualmente a nivel mundial hoy en día, y ofrecerá:
  • Protección contra los tres vectores principales de ataques móviles: aplicaciones maliciosas, ataques a nivel de red y ataques a los sistemas operativos de los dispositivos.
  • Visibilidad e inteligencia sobre el panorama de amenazas para la totalidad de la infraestructura móvil de la organización.
  • Gestión sencilla y transparente de la seguridad móvil de la empresa, garantizando al mismo tiempo la privacidad.

"La solución de seguridad móvil y gestión de la movilidad de Telefónica facilita el día a día en las comunicaciones del negocio, garantizando la productividad y protegiendo los dispositivos de los empleados en todo momento", ha afirmado Pedro Pablo Pérez, Vicepresidente de Productos y Servicios de ElevenPaths. "Este acuerdo proporciona a nuestros clientes una seguridad móvil sin precedentes a través de una solución conjunta que combina Check Point Mobile Threat Prevention con Tacyt, herramienta de ciberinteligencia contra amenazas móviles desarrollada por ElevenPaths."

Los investigadores de Check Point continúan apreciando una drástica escalada en el número y en la sofisticación de los ataques dirigidos en los dispositivos móviles en todo el mundo. Ataques como estos pueden hacer que el uso de teléfonos inteligentes y tabletas en los negocios entrañe un importante riesgo para la seguridad de los datos empresariales sensibles a los que se accede desde estos dispositivos.

"Creemos que los dispositivos móviles son actualmente el eslabón más débil de la seguridad corporativa, haciendo a las empresas vulnerables ante ataques fugas de datos y ataques a la red", asegura Amnón Bar-Lev, presidente de Check Point. "Este acuerdo es un paso clave para la protección de las empresas de hoy en día, y estamos deseando trabajar con Telefónica y ElevenPaths para proteger a las empresas de todo el mundo de estas amenazas."

Con esta oferta, Check Point y ElevenPaths ofrecerán seguridad de última generación para los clientes de Telefónica a través de la integración de la tecnología de ElevenPaths, que permite a los analistas de seguridad identificar los patrones de conducta que muestran las organizaciones criminales.

» Descargar nota de prensa

Más información en:

Social engineering is more active than ever

The fact that Social Engineering has been the easiest method used by the scammers is not new. What we are going to describe in this blog today has been mentioned in some relevant Security reviews and newspapers, but at Elevenpaths, we are still surprised how easy this is happening.

A few months ago, our customers in the Middle East asked us how to overcome the so-called C-level scam (or Business E-Mail Scams as baptised by the FBI or also known as the “Fake President” fraud).

For the most basic scam, the “bad guy” should need to know the following information:  
  • If a company (let’s call it acme.com) is going through a merger or it has in mind acquiring a company (information obtained over the news, twitter comment insight, general gossip ...). Let’s call this company Muntaleyxp.
  • C-level members and associated domains of the company (not mandatory). Let’s assume miky.wunderbalr@acme.com.
  • Financial controllers or under C-level people in the company. Information can be gathered through Linkedin for example. Let’s assume tom.xly@acme.com.
  • If the merger or acquisition process is done through a third company, find out one of the most relevant person in this company (let’s call it Kmiop). Let’s assume dan.panly@kmiop.com.
With this information the scam occurs as described below:  
  • If the scammer has accessed Miky’s email account though a Trojan for example, it is even easier. But let’s assume it is not the case. If the domain of the company has a letter you can trick such an “l” or “m” ... then register a new domain and use it to send the main email. If not, then he/she can use a Gmail account. For example: miky.wunderbalr@acne.com. miky.wunderbalr@gmail.com.
  • Send the email to tom.xly@acme.com and put dan.panly@kmiop.com in CC (it can even be the real domain but ensuring Dan does not receive the email [misspell it] avoiding he will trigger the alarm and hoping Tom will not contact Dan).

  • Many variants can be used (such as Dan is also part of the scam [this time do not misspell it] and he will provide the bank account details) to perform the scam, but the general idea is there. The receiver (Tom) will be surprised with such message that he may act and do the transfer!
From Elevenpaths we have five suggestions to overcome this problem:  
  • Easiest and obvious one: Pick up the phone and ask the C-Level executive about his/her e-mail.
  • A technical one with its limitations: Try to set-up incoming email rules trying to cover as many misspelling options with C-Level executive names & surnames (with any associated domain), and blocking them. C-Level executive: Miky Wunderbalr (authorised e-mail: miky.wunderbalr@acme.com). niky.wunderbalr, miky.wunderba1r, miky_wunderbalr, miky-wunderbalr, wunderbalr.niky. Along with an e-mail filtering system against identity theft in the Company (acme) properly configured with its associated SPF, DKIM y DMARC registers.
  • A second technical option related to a second/simultaneous factor of authentication: Our Latch product will provide the same concept we used to watch in those Hollywood movies such as Crimson Tide (with Denzel Washington and Gene Hackman) where two keys are needed from different people in order to launch a missile. If we assume “the missile” is the bank transfer itself, then Tom can authorise the transfer and Miky, with his latched account active is also required to do the transfer. Miky will ensure that his latched account is never active during “strange” hours.  
  • The costly one: Have a “powerful” cybersecurity insurance covering social Engineering attacks.
  • Any C-level manager should avoid sharing any news about possible company merger or acquisitions.  
Just remember: The weakest link is always us!