Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Automated accounts. Show all posts

Balancing Industrial Secure Remote Access: Essentiality and Risk Concerns

As industries continue to embrace digitalization and remote operations, industrial secure remote access has become an essential component of modern industrial automation systems. The ability to connect to and manage industrial assets remotely brings numerous benefits, such as increased operational efficiency and reduced downtime. However, alongside these advantages, there are growing concerns among firms regarding the associated risks and potential vulnerabilities.

A recent survey conducted by industry analysts sheds light on the concerns and perspectives of industrial organizations regarding secure remote access. According to the survey, 76% of respondents considered secure remote access to be critical for their operations. The ability to monitor, troubleshoot, and maintain industrial systems remotely enhances productivity and enables rapid response to operational issues.

Despite recognizing the importance of secure remote access, many firms express apprehension about the potential risks it poses. The survey reveals that 64% of respondents are concerned about unauthorized access and potential security breaches. Industries dealing with critical infrastructure, such as energy, manufacturing, and transportation, are particularly cautious due to the potential impact of a cyber attack on public safety, operational continuity, and financial stability.

To address these concerns, industrial organizations need to adopt comprehensive security measures and best practices for secure remote access. Firstly, implementing strong authentication protocols, such as multifactor authentication, can significantly reduce the risk of unauthorized access. Secondly, establishing secure virtual private network (VPN) connections and encrypted communication channels ensures data confidentiality and integrity during remote sessions.

Additionally, organizations must prioritize network segmentation to isolate critical industrial assets from the broader network. By implementing a defense-in-depth strategy, organizations can mitigate the impact of a security breach and prevent lateral movement within the network. Regular patching and updating of remote access software, firewalls, and security systems are also crucial to address emerging vulnerabilities and protecting against evolving threats.

Furthermore, employee education and awareness play a vital role in maintaining a secure remote access environment. Training programs can help employees recognize and report suspicious activities, understand the importance of strong passwords, and practice good cybersecurity hygiene. Organizations should also enforce strict access controls, granting remote access privileges only to authorized personnel with a legitimate need.

Industrial operations in the present era unquestionably require secure remote access. But businesses' worries about such risks and vulnerabilities must not be discounted. Organizations can strike a balance between the advantages and risks of remote access, ensuring the safety and integrity of their industrial systems in a world that is becoming more interconnected, by implementing strong security measures, adopting best practices, and fostering a culture of cybersecurity awareness.

Automated Bots Pose Growing Threat To Businesses

The capability to detect, manage, and mitigate bot-based requests has become of utmost importance as cyber attackers become more automated. Edgio, a company created by the merging of Limelight Networks, Yahoo Edgecast, and Layer0, has unveiled its own bot management service in response to this expanding threat. In order to compete with competing services from Web application firewall (WAF) providers and Internet infrastructure providers, the service focuses on leveraging machine learning and the company's Web security capacity to enable granular policy controls.

Bot management is not just about preventing automated attacks, but also identifying and monitoring good bots such as search bots and performance monitoring services. According to Richard Yew, senior director of product management for security at Edgio, “You definitely need the security solution but you also want visibility to be able to monitor good bot traffic.” In 2022, for example, the number of application and API attacks more than doubled, growing by 137%, according to Internet infrastructure firm Akamai. 

The impact of bots on businesses can be seen in areas such as inventory-hoarding attacks or ad fraud. As a result, bot management should involve all aspects of an organization – not just security. Sandy Carielli, principal analyst at Forrester Research noted that “bot management is not just about security being the decision-makers. If you're dealing with a lot of inventory-hoarding attacks, your e-commerce team is going to want to say in. If you're dealing with a lot of ad fraud, your marketing team will want to be in the room.”

Bot management systems typically identify the source of Web or API requests and then use policies to determine what to allow, what to deny, and which requests represent potentially interesting events or anomalies. Nowadays, 42% of all Internet traffic comes from automated systems — not humans — according to data from Imperva. To deal with this, Edgio inspects traffic at the edge of the network and only allows ‘clean’ traffic through its network. This helps stop attacks before they can impact other parts of the network. Content delivery networks (CDNs) such as Akamai, Cloudflare, and Fastly have also adopted bot management features as well.

Bot management is clearly becoming a more crucial issue for enterprises as automated attacks increase in frequency. Organizations require all-encompassing solutions to address this issue, involving teams from marketing, security, and e-commerce. Employing such technologies enables organizations to safeguard their resources from dangerous bot attacks while keeping track of reputable good bots. 


Twitter removes nearly 4,800 accounts linked to Iran government

Twitter has removed nearly 4,800 accounts it claimed were being used by Iranian government to spread misinformation, the company said on Thursday.

Iran has made wide use of Twitter to support its political and diplomatic goals.

The step aims to prevent election interference and misinformation.

The social media giant released a transparency report that detailed recent efforts to tamp down on the spread of misinformation by insidious actors on its platform. In addition to the Iranian accounts, Twitter suspended four accounts it suspected of being linked to Russia's Internet Research Agency (IRA), 130 fake accounts associated with the Catalan independence movement in Spain and 33 accounts operated by a commercial entity in Venezuela.

It revealed the deletions in an update to its transparency report.

The 4,800 accounts were not a unified block, said Yoel Roth, Twitter's head of site integrity in a blog detailing its actions.

The Iranian accounts were divided into three categories depending on their activities. More than 1,600 accounts were tweeting global news content that supported the Iranian policies and actions. A total of 248 accounts were engaged specifically in discussion about Israel. Finally, a total of 2,865 accounts were banned due to taking on a false persona which was used to target political and social issues in Iran.

Since October 2018, Twitter has been publishing transparency reports on its investigations into state-backed information operations, releasing datasets on more than 30 million tweets.

Twitter has been regularly culling accounts it suspects of election interference from Iran, Russia and other nations since the fallout from the 2016 US presidential election. Back in February, the social media platform announced it had banned 2,600 Iran-linked accounts and 418 accounts tied to Russia's IRA it suspected of election meddling.

“We believe that people and organizations with the advantages of institutional power and which consciously abuse our service are not advancing healthy discourse but are actively working to undermine it,” Twitter said.

Automated accounts sharing fake news ahead of French polls: Experts

French voters are being deluged with false stories on social media ahead of the country’s presidential election, though the onslaught of “junk news” is not as severe as that during last year’s U.S. presidential campaign, according to a study by Oxford University researchers.

A man looks at campaign posters of the 11th candidates who run in the 2017 French presidential election in Enghien-les-Bains, near Paris, France April 19, 2017. REUTERS/Christian Hartmann.

The study to be published Friday and another published on Wednesday add evidence to complaints by officials in France, Germany and the United States that Russia is trying to replicate its cyber-powered election meddling in American politics.

Just days before France votes in the first round of a presidential election, the study said misinformation at times has accounted for one-quarter of the political links shared on Twitter in France. It defined “junk news” as deliberately false stories and those expressing “ideologically extreme, hyper-partisan or conspiratorial” views with logical flaws and opinions passed along as facts.

“French voters are sharing better quality information than what many U.S. voters shared and almost as much quality news and information as German users share,” according to the study by the Oxford Internet Institute, which will be published on Friday but was made available on Thursday to Reuters.

The French study uses data from a recent week on Twitter but a greater role is being played by Facebook, said Kevin Limonier of the University of Paris VIII, who is studying social media manipulation in the election with a grant from the French government.

Facebook recently suspended 30,000 suspected automated accounts in France. Although it characterized the cleanup as an objective move against spamming, many of the profiles were distributing politically driven misinformation and propaganda.

On Twitter, where automated accounts are allowed, many of the same accounts that promoted Republican Donald Trump in the U.S. campaign last year have turned their attention to pushing conspiracy theories and far-right viewpoints, according to Limonier and Clinton Watts, a former FBI agent and now a senior fellow at the George Washington University Center for Cyber and Homeland Security.