• CYBER SECURITY
    FOR THE 21ST CENTURY

    Many organizations have security policies, IDS or encryption’s in place. However, they are still being compromised and are not focused on the most effective practices. This is where Milli Micro Systems comes in. Rely on us to stop major breaches of security and even the most elementary of mistakes.

ABOUT MILLI MICRO SYSTEMS

OFFERING VITAL SECURITY
TRAINING FOR A
DANGEROUS WORLD

The Military uses independent training programs,
can you afford not to?

Our customers have included the US Army, US Navy,
US Air Force, National Guard, Department of Interior,
Department of Veterans Affairs, Metropilitan
Water District, County of Los Angeles, State of
California, Chicos FAS, and many more.

CYBER NEWS FEED
  • Trump doc claims Russia has cracked Telegram messaging service January 12,2017

    Trump doc claims Russia has cracked Telegram messaging service

    The raw intelligence document published this week that contains salacious stories about Donald Trump also offers up a glimpse into how Russia goes about its cyber spying – including the tidbit that it has cracked Telegram’s encrypted instant messaging service.While none of the 35-page...

  • IDG Contributor Network: DDoS takedown powered by IoT devices September 26,2016

    IDG Contributor Network: DDoS takedown powered by IoT devices

    DDoS attacks are nothing new, nor is it new for Krebs on Security to be a target, but the recent attack that forced the site off the network is reported to have been powered entirely by internet of things devices.Former U.S. Defense offensive security researcher and founder of IoT cybersecurity...

  • BrandPost: Authentication and Business Context: Answering the “Who? What? And Where? November 6,2017

    BrandPost: Authentication and Business Context: Answering the “Who? What? And Where?

    Traditional authentication solutions require a trade-off between security and usability, often deployed with a “one-size-fits-most” strategy. But today there’s a whole lot more at stake, so enterprises need more to effectively protect critical applications when delivering access in a world...

  • Researchers link Middle East attacks to new victim in Europe March 6,2017

    Researchers link Middle East attacks to new victim in Europe

    Kaspersky Labs announced new research this morning that shows some links between the massive Shamoon attack that took down 35,000 computers in Saudi Arabia to a new attack against a target in Europe.The Shamoon attack, which occurred in 2012, was followed by a series of related against against...

  • The 16 biggest data breaches of the 21st century September 7,2017

    The 16 biggest data breaches of the 21st century

    Data breaches happen daily, in too many places at once to keep count. But what constitutes a huge breach versus a small one? CSO compiled a list of 16 of the biggest or most significant breaches of the 21st century.This list is based not necessarily on the number of records compromised, but on...

  • Today, $50 off Sennheiser’s HD1 In-Ear Wireless Headphones – Deal Alert October 23,2017

    Today, $50 off Sennheiser's HD1 In-Ear Wireless Headphones - Deal Alert

    The HD1 In-Ear Wireless headphones from industry veteran Sennheiser combines immaculate sound quality with take-anywhere mobility. Utilizing a sleek ergonomic design and crafted with high-quality materials, this premium headset exudes luxury. Exceptional wireless hi-fi sound is assured thanks...

  • IDG Contributor Network: Newly elected French president raises questions in trying to dupe hackers May 11,2017

    IDG Contributor Network: Newly elected French president raises questions in trying to dupe hackers

    Honeypots. This simple, but efficient technology has existed for over a decade. Now it has transformed into a major trend of cyber deception in the information security industry. Many cybersecurity companies offer great solutions to dupe and track attackers in real-time, adding new tools for APT...

  • Health records are the new credit cards March 19,2015

    Health records are the new credit cards

    Forget credit card numbers. The hot new data for the modern bad guy is the electronic health record, which is not only worth more on the black market, but is easier to get.According to a 2014 BitSight report, the health care industry has been lagging behind when it comes to security...

  • Myth versus fact: Open source projects and federal agencies September 2,2016

    Myth versus fact: Open source projects and federal agencies

    Many agencies in the federal government use approved public repositories for open source software development. According to the General Services Administration (GSA) GitHub dashboard, there are 236 federal organizations using a combined 5,254 project repositories.More federal agencies are...

  • BrandPost: Mirai Botnet Descendants Will Lead to Even Bigger Internet Outages December 22,2016

    BrandPost: Mirai Botnet Descendants Will Lead to Even Bigger Internet Outages

    Hackers iterate constantly and at a frightening rate. Whenever a new piece of malware finds success, a million imitators and successors will pop up. The marketplace of ideas guarantees that the most successful of these variants will rapidly spawn offshoots of their own. We’ve seen this in the...

  • BrandPost: The Lessons of WannaCry Attack June 28,2017

    On May 12, what experts are calling “the largest ransomware infection in history”[1] was launched against more than 200,000 computer targets in 150 countries. Called “WannaCry,” the hack cast a harsh light on the growing threat of ransomware, and that of Distributed Denial of Service...

  • Zero-day Windows file-sharing flaw can crash systems, maybe worse February 3,2017

    Zero-day Windows file-sharing flaw can crash systems, maybe worse

    The implementation of the SMB network file sharing protocol in Windows has a serious vulnerability that could allow hackers to, at the very least, remotely crash systems.The unpatched vulnerability was publicly disclosed Thursday by an independent security researcher named Laurent Gaffié, who...

  • Not so startling revelations of how a hacker broke in October 6,2016

    Not so startling revelations of how a hacker broke in

    Trust no oneImage by PexelsAt the heart of every exploit, the vulnerability always lies in the target’s trust for attacker supplied input. This is true whether the attack is network-based or a hacker is trying to gain physical access to a specific location. To effectively mitigate risk, companies...

  • BrandPost: Threat Intelligence: The Fuel that Powers Cyber Defenses September 19,2017

    BrandPost: Threat Intelligence: The Fuel that Powers Cyber Defenses

    For anyone reading the news regularly, it’s not hard to grasp that cyber threats are getting more sophisticated and damaging by the day. From a security technology provider’s perspective, I can add that tackling them is a fast mounting challenge for the millions of businesses that come under...

  • How to configure your Chromebook for ultimate security June 8,2016

    How to configure your Chromebook for ultimate security

    A Chromebook is already an ultra-secure computer straight out of the box. Since it doesn’t run a traditional operating system and takes advantage of various Google-powered security measures, Chrome OS is well-guarded against all the miscreants lurking out there on the Web.But you can always do...

  • EFF says Cisco shouldn’t get off the hook for torture in China January 13,2016

    EFF says Cisco shouldn't get off the hook for torture in China

    Cisco Systems built a security system for the Chinese government knowing it would be used to track and persecute members of the Falun Gong religious minority, according to the Electronic Frontier Foundation technology rights group. Falun Gong practitioners alleged the same thing in a lawsuit...

  • IDG Contributor Network: Treasures attackers look for in the sea of email September 30,2016

    IDG Contributor Network: Treasures attackers look for in the sea of email

    As we dive into October, cybersecurity awareness month, there are lots of strategies to help us all become stronger swimmers in the digital waters. Given that there are 112 billion business emails sent around the world every day, that is one huge ocean that everyone can learn how to better...

  • 7 steps to start a bug bounty program November 8,2016

    7 steps to start a bug bounty program

    A new approachImage by ThinkstockVulnerability assessment and identification strategies have evolved to include the concept of crowd sourced security testing through bug bounty programs. While bug bounty programs have been used for over 20 years, widespread adoption by enterprise organizations has...

  • Israeli soldiers hit in cyberespionage campaign using Android malware February 17,2017

    Israeli soldiers hit in cyberespionage campaign using Android malware

    More than 100 members of the Israel Defense Forces (IDF), the majority of them stationed around the Gaza strip, fell victim to a cyberespionage attack that used malicious Android applications to steal information from their mobile devices.The attack campaign started in July and continues to...

  • IDG Contributor Network: Who owns your data? November 27,2017

    IDG Contributor Network: Who owns your data?

    Who owns your data? Well, that depends on where you live. If you own it then you should have control over it. If you don’t own it, then how secure is it? The recent large-scale breaches that affected the majority of Americans prompted the Senate Commerce Committee to hold a long overdue...

GET THE LATEST CYBER SECURITY NEWS & UPDATES
WHAT TO KNOW

IMPORTANCE

Why Is Cyber Security Important?
The increasing number and sophistication of cyber threats (targeting phishing scams, data theft, and other online vulnerabilities) require us to remain vigilant securing our systems and information.

The average computer does not have proper security controls in place. New attack methods are found every day. There were 183 million accounts compromised in Q3 of 2014 [1]. The number of phishing sites leaped by 10.7 percent over the fourth quarter of 2013[2]. These are just a few examples, and they highlight the importance of cyber security for protecting data and systems.

With BYOD becoming ubiquitous in the workplace, the “trend in cyber security is that IT leaders are losing control of their technology. It’s a trend that obliterates how security has traditionally worked and it can’t be stopped.”[3] Refusing to adapt is more expensive than investing in a new approach.

MMS has that new approach. We know Cyber Security should never be an afterthought, but instead integrated into every new project from the start. Our 5-step program is designed to deal with 95% of security problems right off the bat.

But wait, why aren’t all computer systems secure?
Partly due to hard technical problems, but also due to cost/benefits issues, Security costs and Security usually only pays off when there’s trouble. Typically, it’s the users’ perception that there is no real threat to themselves and they trust everyone, “Here is my password, I trust you’re not going to do anything bad, I don’t have any secrets.” and when that information gets out the user is now compromised. The user is not taking into account how their infected computer can hurt others.

This isn’t just an end user issue either, many key decision makers, as well as the employees in organizations, have this attitude. That is why we have added the 5th step to our program: Training. With the proper training stakeholders and employees can understand the importance of cyber security as a business process, not just something for the I.T. department. The I.T. department exists in an advisory and support capacity but cannot solve all problems by itself. It is in user’s and organization’s best interest to obtain the right knowledge to protect themselves from cyber threats. Our training in cyber security will ensure users will be aware of all important threats and how to be a smart user.

Cyber Security is an important Business issue, but like everything else unless you get buy-in across the board, Cyber Security policies and procedures will be ignored.

  1. http://www.safenet-inc.com/news/2014/q3-data-breaches-compromise-183-million-customer-accounts/
  2. http://docs.apwg.org/reports/apwg_trends_report_q1_2014.pdf
  3. John Pescatore, director of emerging security trends at the SANS Institute

LEADING THREATS

There are many threats, some more serious than others. Some examples of how your computer and systems could be affected by a cyber-security incident – whether because of improper cyber security controls, manmade or natural disasters, or malicious users wreaking havoc-include the following:

Interruption Threats:Denial-of-service refers to an attack that successfully prevents or impairs the authorized functionality of networks, systems or applications by exhausting resources. What impact could a denial-of-service have if it shut down a government agency’s website, thereby preventing citizens from accessing information or completing transactions? What financial impact might a denial-of-service have on a business? What would the impact be on critical services such as emergency medical systems, police communications or air traffic control? Can some of these be unavailable for a week, a day or even an hour?

Malicious Code Attacks:Malware, worms, and Trojan horses: These spread by email, instant messaging, malicious websites, and infected non-malicious websites. Some websites will automatically download the malware without the user’s knowledge or intervention. This is known as a “drive-by download.” Other methods will require the users to click on a link or button.

Botnets and zombies: A botnet, short for robot network, is an aggregation of compromised computers that are connected to a central “controller.” The compromised computers are often referred to as “bots” or “zombies”.These threats will continue to proliferate as the attack techniques evolve and become available to a broader audience, with less technical knowledge required to launch successful attacks. Botnets designed to steal data are improving their encryption capabilities and thus becoming more difficult to detect.

“Scareware” – fake security software warnings: This type of scam can be particularly profitable for cyber criminals, as many users believe the pop-up warnings telling them their system is infected and are lured into downloading and paying for the special software to “protect” their system.

Social Network Attacks: Social networks can be major sources of attacks because of the volume of users and the amount of personal information that is posted. Users’ inherent trust in their online friends is what makes these networks a prime target. For example, users may be prompted to follow a link on someone’s page, which could bring users to a malicious website.

Top 5 Social Networking Attacks

  1. Fake offering
    These offers invite users to use a free gift card or discount coupon; to receive these offers the user must share personal information with the scammer.
  2. Fake Plug-in Scams
    These trick the user into downloading a fake extension or web browser. The infected extension or browser will begin to steal password data and other sensitive information.
  3. Like-jacking
    The fake “Like” button on websites to get users to click on the button; once the user clicks on the “Like” button an installation begins with malware and other malicious code.
  4. Fake-Apps
    Typically, the app is legitimate, but it’s bundled with malware then released again by the attacked and once the user installs or uses the app the malware is released on their machine to wreak havoc.
  5. Manual Sharing
    User is sharing the infected offering that will intrigue other users without knowing what was shared was malicious.

For more information visit: http://msisac.cisecurity.org/

SECURITY VS SAFETY

Safety: Protection from negligence, accidental damage and hurt.

Security: Protection from malign intent.

The difference is People cause security events. This distinction is critical to understanding the role security must play in your organization. Security is therefore a “people problem.” Security programs are only effective when they control the people who have access to those assets.

There are many laws and regulations surrounding safety, but very little time and energy is based on security.

Security is often seen as a checkbox or a list of compliance requirement by an agency. It is often an afterthought and a poorly executed one at that. Frequently the focus is to just make it work and worry about security later. This is of course detrimental to the organization.

  1. http://www.rmasecurity.com/2014/07/the-difference-between-safety-and-security/


REQUEST MORE INFO.

Complete the request form below to learn more about Our Cyber Security Options.

captcha