Author Archives: TecAdmin

Businesses across the globe may have embraced big-data strategies but more than half are struggling to keep up with the volume, variety, and velocity of data, according to new surveys highlighting just how much poor data management is costing.

Fully 15 per cent of 2100 surveyed IT decision makers said they aren’t coping well with the explosion of data and a further 45 per cent said they were coping but were having “some issues”, Cloudera’s new Enterprise Data Maturity Research Report found.

Similar proportions reported issues around the rest of the ‘5 Vs’ of data – variety, veracity, velocity, and value of data – with 90 per cent of respondents admitting that their organisation would be generating more revenues if it could figure out how to manage data more effectively.

Just half of respondents said their organisation has had an enterprise data strategy in place for more than a year, with a third saying they had implemented such a strategy in the past year and 14 per cent still working on a strategy.

Although sectors such as financial services, retail, and telecommunications had become “extremely data savvy”, Cloudera vice president and managing director for Australia & New Zealand Robert Yue said, Australian organisations were behind global benchmarks when it came to turning data strategies into measurable business outcomes.

“The challenge now,” Yue said, “is how to do more with data as we focus our sights on the anticipated economic upswing of 2022 despite the continued challenges of COVID-19.”

“We’re seeing a significant behavioural shift related to the broader industry trend that ‘every company is a software company’,” he continued, noting moves such as Commonwealth Bank of Australia’s investments in AI firm H2O.ai and property-tech startup Own Home.

“Many of our customers are finding innovative ways to overcome pain points like speed, to anticipate and stay ahead of their own customer needs.”

Fully 79 per cent of respondents admitted that they have not yet centralised and integrated their big-data infrastructure across the organisation – compared with 65 per cent globally – and 71 per cent said they have not yet “democratised” their systems by providing access to analytics tools to all employees.

Better data means better business

Despite pandemic-era pressures to increase digital transformation and improve the use of data, many companies still aren’t good enough at collecting and analysing their data.

Fully 87 per cent of respondents to Experian’s latest Global Data Management Research Report said they had become more reliant on quality data and insights, with 83 per cent flagging the importance of AI-driven ‘DataOps’ strategies to integrate data into everyday decision-making.

Although widespread access to good-quality data is closely linked to better decision-making, 72 per cent of respondents said they have so much data that it’s hard to see where better data management can add the most value.

“The last year has tested every industry, with a new requirement for business models to be agile and change in line with their customers’ rapidly shifting demands,” said Andrew Abraham, Experian’s global managing director for data quality.

“Businesses who have improved their data quality were not just better equipped for this but exceeded their performance expectations.”

That said, many companies are struggling to get the skills they need to actually improve data quality – with 84 per cent admitting that skills deficiencies are hampering organisational agility and flexibility.

“Business experiences with data accuracy, and issues around how data is managed, remain and are unlikely to improve,” Abraham said, “unless businesses upskill current employees and continue to work with wider industry and government on addressing the data skills gap.”

Democratisation of data was a critical way of closing this gap by leaning on cleaner, more-accessible data to help every employee get the insights they need.

Making this happen is still proving challenging, however: more than a third of respondents to a recent InterSystems study said they weren’t satisfied with their current data management technology stack, and 55 per cent said they would prioritise technologies for building data-driven organisations this year.

Companies like Allianz Australia, Cloudera’s Yue said, are addressing this deficiency by focusing on building internal culture and “empowering their people to become data champions.”

“This, in turn, supports their customers through access to new levels of actionable data and information about their portfolio. They are a great example of an organisation getting it right.”

Businesses are already ducking and covering as the invasion of Ukraine drives a surge of cybercriminal attacks, but the publication of yet another severe security vulnerability has given malicious actors new ways to attack medical and other devices anywhere in the world.

The vulnerabilities – which were revealed and documented by security firm Forescout and have collectively been dubbed Access:7 – are found in a library called PTC Axeda, and its companion Axeda Desktop Server application.

Axeda is used by many Internet of Things (IoT) manufacturers to enable the remote management of devices – but its poorly-designed authentication, including use of hardcoded credentials and unauthenticated services, means that attackers can easily access and control connected devices.

Six other vulnerabilities enable cybercriminals to access devices, reconfigure them, control them remotely, disconnect them, and more.

That’s a major problem for the healthcare environments that make up around 55 per cent of Axeda’s user base – where the software powers systems administering life-sustaining medical care including imaging, laboratory, ventilation, infusion, ventilation, implantables, and surgery.

Over 150 potentially affected devices, from over 100 vendors, have already been identified – from vendors like Abbott, Acuo, Carestream, GE Healthcare, Varian, and Bayer – and Axeda is also used in ATMs, industrial, and other settings.

PTC paid $235m for Axeda back in 2018, integrating the remote management tool into its broader ThingWorx IoT platform and then ending support for Axeda at the end of 2020.

With so many installed devices still so easily exploitable, the vulnerabilities were given CVSS scores as high as 9.8 out of 10 – motivating the US Cybersecurity & Infrastructure Security Agency (CISA) to publish an Industrial Control System (ICS) Advisory warning of the low-complexity attack.

Affected devices should, CISA advised, be disconnected from the Internet, isolated from business networks, and patched with the latest software versions.

New fears in a climate of unrest

Coming on the heels of high-risk vulnerabilities like the SolarWinds hack and recent Log4j disaster, yet another critical weakness would be a concern even in normal times – but as nation-states and rogue security experts fight an escalating proxy war online, companies running affected devices must be aware of the risks of collateral damage even here in Australia.

Chinese cybercriminals, in particular, have been observed quickly taking advantage of new vulnerabilities to attack targets.

A Chinese government-aligned APT group called TA416, security firm Proofpoint recently warned, has been targeting phishing campaigns against European diplomatic, refugee and other targets for several years – with increasing frequency before and during the current conflict.

Each new vulnerability provides another arrow in the quiver of nation-state groups and cybercriminal gangs, which regularly mobilise to exploit new vulnerabilities before businesses can patch them.

Aubrey Perin, lead nation-state threat intelligence analyst with Qualys, noting that China tapped the recent Log4j vulnerability within “mere hours following CISA’s advisory” to compromise government systems in two US states.

With recent analyses suggesting that 30 per cent of Log4j systems still yet to be patched, Perin said, “organisations that continue to leave this flaw unaddressed are hitting the snooze button when it comes to the wake-up calls that China and other adversaries are delivering.”

The increasing cybercrime threat is, he added, “a critical point for inflection and a reminder that… while all eyes have been diverted to Russia and Ukraine, there are still other threats that are present and must be closely watched.”

Harsh economic sanctions were meant to punish Russia for its invasion of Ukraine, but there are already signs that Russia’s government and wealthy oligarchs may be using cryptocurrency to work around Western financial controls.

Backed by tax havens around the world including Switzerland and Monaco, direct sanctions on Russian President Vladimir Putin and the wealthy oligarchs that support him have frozen billions in assets.

Thanks to direct sanctions blocking Russian airlines, gas pipelines, ships, and a range of other products, “we are inflicting pain on Russia and supporting the people of Ukraine,” US President Joe Biden said during this week’s State of the Union address – lauding “powerful economic sanctions” that had cut 30 per cent of the ruble’s value, crippled its stock market, and left the economy “reeling”.

Despite his optimism, however, monitoring of cryptocurrency markets suggests that Russian businesses and wealthy individuals are already adapting to the new normal.

The volume of high-value daily cryptocurrency transactions – those worth more than $US100,000 – was worth $22b ($US16b) when Western countries blocked Russia from the global SWIFT payments network on 26 February – and had quadrupled to $88b ($US64b) just two days later.

Yet this rapid growth isn’t the most significant part, said Rance Mashek, president and founder of trading platform iVest+, who noted that the difference between inflow and outflow was just $55m ($US40m).

That means the entities conducting those large transactions are buying and selling almost exactly the same amount of cryptocurrency.

That, in turn, suggests that they aren’t investing in crypto to hold onto it, but are instead using it as a form of currency exchange.

Looking back over the past 90 days of data, Mashek told Information Age, “this is the biggest disparity between large block transactions happening and the lack of inflow and outflow.”

“What do you deduce from that except that it looks like this is transactional? That’s what you can do out there – move out of the ruble into the US dollar or Australian dollar – and do it through Bitcoin.”

SWIFT retribution

The figures are a reminder of the challenges that cryptocurrencies and decentralised finance (DeFi) pose for the world’s governments, which have struggled to keep up with criminals that value cryptocurrency’s anonymity and non-traceability – and exploited DeFi to launder nearly $12b last year alone.

High net-worth criminal ‘whales’, like the Russian oligarchs targeted in the current sanctions, are currently holding more than $34.5b ($US25b) in cryptocurrency, according to a new Chainalysis report that identified 4068 criminal whales – a third of which received 90 per cent or more of their funding from known illicit sources.

Based on the time zones of criminal transactions, Chainalysis concluded, the largest number of cryptocurrency whales were found in the UTC+2, UTC+3 and UTC+4 timezones – which correspond to Kyiv, Moscow/St Petersburg, and Dubai, respectively.

“The ability to efficiently track criminal whales and quantify their holdings from one public data set is a major difference between cryptocurrency-based crime and fiat-based crime,” the firm notes.

“In cryptocurrency, transactions are saved on the blockchain for all to see [and] investigation of criminal whales represents a significant opportunity for government agencies.”

While law-enforcement authorities have had some success in tracking down and recovering cryptocurrency ransomware payments, Mashek notes that this was possible because authorities knew where the first payment had come from – giving them somewhere to start following the money trail.

“But if they don’t know what it is,” he said, “how can they follow it?”

Even as one Russian oligarch publicly warned that sanctions won’t stop the conflict, world governments are preparing further measures – but because conventional financial systems are based on transparency and the rule of law, experts warn they can only do so much.

Russia likely anticipated the prospect of sanctions, they say – and if the now global pariah can transact with other rogue nation-states in secret using anonymous and untraceable cryptocurrencies, the result could well be an alternative trade system operating under the noses of global financial authorities.

Just as the COVID-19 pandemic normalised remote working and the use of remote-collaboration tools like Zoom, Mashek believes a surge in use of cryptocurrency – including many legitimate efforts by charities and relief efforts – could normalise its role in international commerce.

If the conflict “lasts for a prolonged period, and [cryptocurrency] starts to become the norm in this environment to get things done, that is just going to put that much more of a stamp of approval” on cryptocurrency, he said, noting that exchange platforms would be tested like never before throughout the conflict.

“The short term is going to prove it or not,” he explained. “If crypto doesn’t hold its security, that’s going to show a vulnerability – but if it does, and it shows that it can handle the increase in flow and that the transactional volume can be supported, that’s going to be pretty strong.”

“Getting that widespread societal adoption might take a while, but so far we have not seen anything that indicates that is a problem.”

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only gives them another pretext to dangle in front of the unwary.

That’s happening right now. Avast warns that criminals have begun, in their sorry but entirely foreseeable way, to exploit people’s sympathies for those suffering in Ukraine. “As cybercriminals seek to take advantage of the chaos,” the company writes in its blog, “we have tracked in the last 48 hours a number of scammers who are tricking people out of money by pretending they are Ukrainians in desperate need of financial help. In the past, we have seen similar scams for people stuck while traveling or looking for love. Unfortunately, these attackers do not operate ethically and will use any opportunity to get money out of people willing to help others in need. What’s suspicious is the immediate mention of Bitcoin, as well as the usernames that consist only of letters and numbers.”

Other criminals (and here Avast credits their colleagues at ESET) are hawking “UkraineTokens,” whatever those might be. In that scam the crooks are combining sympathy with fashion. It’s easy to imagine the marks thinking, well, we’d like to help, and didn’t we see ads for tokens or something on T.V.? Maybe that’s how things are done nowadays. The UkraineToken scam is fairly easy to see through, since it’s marked with the poor grammar and loose idiomatic control that usually distinguishes fraudulent pitches.

This kind of social engineering hasn’t been confined to any one channel, Avast points out. “There have also been reports of similar scams spreading on TikTok and other social media sites. In general, we strongly advise not to send any money to unknown people directly, especially in any form of cryptocurrency, as it is virtually impossible to deduce if it is a person in need or a scammer.”

If you’re moved to help, Avast advises doing so through well-known, credible, trusted organizations, and doing so through those organization’s official websites, not through links shared in social media.

It’s sad that criminals would seek to take advantage of people’s best impulses during a time of crisis, but such is the criminal world. New-school security awareness training can enable your employees to thwart both sophisticated and rudimentary phishing attacks.

New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian.

“Beginning for the 2022 tax year, if you receive more than $600 in total payments during the course of the year from a payment service like PayPal, Venmo (which is owned by PayPal), Square, Stripe or online sales of your products made through Amazon, Etsy and other marketplaces – regardless of how many customers are paying – that payment service is required to report that amount to the IRS and to you by sending a Form 1099-K – used for reporting payments via these third parties – in early 2023,” Marks explains.

Scammers frequently pose as the IRS, and the new rules give them new material to use in phishing attacks.

“Starting mid-year, I predict, millions of individuals and small businesses will be receiving requests from payment services they used asking to provide or update their personal information – including their social security and tax identification numbers – so that those services can comply with the new 1099 rules,” Marks says. “They’ll come by email mostly, although some will be by text. Unfortunately, a scammer can also send a fake text or email – or millions of fake texts and emails – to small businesses that look genuine but surreptitiously divert you to a fake website that not only collects your most personal data but also can download malware into your network to be used for future attacks and mischief.”

Marks says that people should be on the lookout for phishing attacks that pose as payment providers asking for financial information.

“Take a few minutes to visit every one of your payment service providers’ websites and update your 1099 information,” Marks says. “Train your financial employees that may be receiving email requests to know what to look for. If you’re not sure of a sender, then ignore the email. Report any suspicious requests directly to the payment service provider. If you are submitting information, make sure you’re doing it directly on the payment provider’s website and avoid clicking on any links in an email. Otherwise you’ll be opening yourself up to serious problems. By mid-year I predict you’ll be hearing a lot more about this scam. Start paying attention now.”

As laws and regulations change, their very unfamiliarity can open up new, initially plausible lines of social engineering. New-school security awareness training can prepare your employees for new trends in phishing attacks.