NZ Incident Response Bulletin Launched

This week saw the launch of the “NZ Incident Response Bulletin”, a monthly high-level executive summary containing some of the most important news articles that have been published on Forensic and Cyber Security matters during the last month. Each Bulletin also contains several articles written by Incident Response Solutions staff, based on a trending theme. This months theme is “Password Security”.

Incident Response Solutions Director Campbell McKenzie, says “We’ll give you a brief summary of each article, and a link to more information. Why do we publish this bulletin? Because we want to keep you up to date with the latest Forensic and Cyber Security news, so that you aren’t caught by surprise – and you’ll know about risks and changes before they become problems.”

Access the Bulletin here:

Sample extract from Bulletin

Our Views:

A selection of issues relevant to Forensic and Cyber Security matters during the last month. This month’s theme is “Password Security”.

Compromised Passwords

In 2012, around 164 million Linkedin passwords were compromised. The critical risks to the many Linkedin users wasn’t that their online ‘CV’ would be altered, rather whether they had used the same login and password on other accounts such as webmail. Linkedin sent an email shortly afterwards to affected users urging them to change any shared passwords. Passwords from such breaches continue to appear in fake emails, such as the recent ‘webcam’ scam where the subject line contains a password that was probably used by the recipient at some point. The sender says they have used that password to hack the recipient’s computer, install malware, and record video of the recipient through the webcam. The attackers say they will reveal adult-website habits and send video to contacts unless they are sent around $1,000 NZD of bitcoin.

More recently in January, media reported that at least nine New Zealand websites were caught up in one of the biggest password security breaches of all-time. The breach known as ‘Collection #1’ contains 772,904,991 compromised accounts. We recommend checking whether any of your organisations email addresses have been compromised in either this or any other compromise, by running a search on this website

Password Managers

Passwords should be protected against compromise using appropriate tools and policies. One tool is a password manager, which is a secure storage location for all your different passwords. A password manager protects its contents by using a “master” password which should obviously be very strong. A good password manager can also generate secure passwords for you.

A password manager can either be installed locally on your computer or you can access the information from a cloud-based manager. Locally stored password managers should be backed up regularly in case of corruption. Cloud based password managers have the added advantage of being able to access passwords from multiple devices. Accounts can be further strengthened using Two/Multi Factor Authentication (or 2FA/MFA), where the method used can also be stored in the Password Manager.

Cloud Identity

With the proliferation of cloud services, it is not surprising the cloud vendors are providing password manager services built into their offerings. According to a recent media article citing Google, “Users expect agile, mobile work environments across multiple devices, and it’s reshaping how we think about security, access, and control. Admins want to give them this modern, forward-thinking experience, but they don’t want security to be compromised. The perimeter has disappeared.”

Faced with an ever-increasing threat of cyber-attack, a Cloud Identity system offers benefits such as screen locks, remote wipe, 2-Step verification, monitoring of password strength, assessments of your domain’s overall exposure to a data breach, and reporting on which particular users pose security risks.