Day 1 RSA Conference 2017 — The Evolution of Cyber Security
Today, tens of thousands of Information Security professionals converged upon San Francisco, CA to mark the opening of the RSA Conference. CIT is in the midst of this convergence to shine the light on what has historically been a radically under-secured segment of the business community – Small to Medium Business. Amongst the giants the and up-and-comers of the InfoSec world much attention is paid, rightfully so, to the large enterprises. These organizations represent hundreds of billions of dollars of assets that are becoming increasingly intellectual and digital in nature. There is an obvious struggle between regulation, compliance, security, and functionality that is evident throughout the entire community. We are here, amongst some of the most brilliant and influential members of the global information security community, in an effort to understand and learn while we share and adapt the mutual experiences and challenges of the global community. Some of the most complex and damaging threats will be discussed, dissected, and analyzed this week. Many of these threats impact large and small business equally. Some of the topics that we’ll explore in depth include:
- Protecting and Defending against Cyberthreats in uncertain times.
- Legal frameworks surrounding identity, cyber-conflict, IOT, and International technology regulations.
- Automated prevention and detection of ransomware that can evolve itself using machine learning and distribution at Internet-scales.
One of the most prevalent threats that is commonly overlooked is the collection and storage of personal information from cloud service providers, content distribution networks (CDN’s), and most major websites. Often, this data is stored in small files that are contained within protected areas of an end-user’s web browser. These files, cookies, contain unique digital fingerprints of the user, computer, and even where in the world they have traveled. When combined, cookies provide a very unique and identifiable fingerprint of an end-user’s digital life. Increasingly, marketing organizations and advertising networks are capturing and storing cookie data for the long term – up to 24 years in many cases. This data allows highly unique and tailored marketing profiles to be built dynamically about each individual over a very long period of time.
Ok, so what’s Malvertising? Glad you asked!
“Malvertising (a portmanteau of “malicious advertising”) is the use of online advertising to spread malware. Malvertising involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. “
Simply put, it is a hack against an online CDN or Adverting network that intends to inject malicious code into the ads you see on legitimate webpages you visit. Many major sites have been hit with malvertising – latimes.com, aol.com, wsj.com, and so-on. So, what’s new? Well, the hyper-targeting of malicious malvertising using stored or collected cookie data. An example, Let’s say you were a 40-year-old male living in Chicago. Data science tells us that you would be less likely to click on an advertisement for a (fictional) game called “Princess Sparkles candy mania game”. Well, if a malvertiser has compromised the “Princess Sparkles” application they likely don’t want to serve their malvertisement to targets that are unlikely to click and follow the links. Less likely to be noticed. Less likely to be caught. More likely to spread their nastyware to more victims. So, they begin targeting their malvertising using stolen, captured, or stored cookies. That same advertisement displayed to a 10-year-old girl living in rural Indiana may have a very different result. So, what’s different with this threat than a targeted ad? Well, if you are the owner of the website that infects the aforementioned 10-year-old there are a number of issues you may face. The first being your unchecked distribution of malware via your website. A close second is a COPPA violation for collecting, storing, or otherwise using cookie data on a U.S. person under the age of 13. The list goes on from there. What’s COPPA you ask? It’s 15 U.S.C. 6501–6505 (link is external)
“COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.”
As a small business owner, you or your marketing firm likely installed a few plugins to your website to collect user statistics, some analytical data, and maybe even provide customer service from the site. You don’t intend to collect and store data on children. Well, herein exists the attack and the vulnerability.
There are well-established organizations that service the majority of the largest websites on the planet and protect them from these risks. The same risks are present for Small to Medium businesses. Learn more about the risks and services here: Media Scanner™ protects against malvertising
Are you taking the necessary steps to secure your website and digital marketing assets?
You can learn more by speaking with one of our cybersecurity experts! We can help you navigate the challenges of properly identifying potential threats within your digital business ecosystem.
Contact us to learn more!