8 minute read
THE DEFINITION OF A SUSTAINABLE FUTURE
from Future Ready
by cxoinsightme
REEM ASAAD, VICE PRESIDENT OF CISCO MIDDLE EAST AND AFRICA EXPLORES THE CHANGING BUSINESS LANDSCAPE AND HOW CONVERSATIONS AROUND SUSTAINABILITY MUST ALSO EMBED EQUITY AND OPPORTUNITY AT THEIR CORE.
With the sustainability agenda now in the spotlight across virtually every industry, decision makers are tasked with delivering transparency and value to stakeholders.
Advertisement
R Edward Freeman, author of The Stakeholder Theory, defined the concept that businesses are driven by purpose and creating value for stakeholders, not just shareholders. Buy-in comes from taking stakeholders with you on your journey of creation and innovation, and ensuring they are invested in joint success.
In my experience across a region as vast and diverse as the Middle East and Africa, I have certainly found this to be true. From customers and partners to employees, any group or individual can impact and be impacted by our purpose. At Cisco, we know our responsibilities don’t end with technology. Our purpose is to power an inclusive future for all – to ensure that no one is left behind, that we use our platforms, expertise and ability to create a better world for all of humanity.
Global stakeholders at COP26
At last year’s United Nations Climate Conference, COP26, one of the big themes was ‘working together’. It has become apparent that no one country, industry or visionary can effectively combat climate change alone. And while critiques may have expected more affirmative action from world leaders, we must acknowledge not only the progress in areas such as deforestation, fossil fuels, coal and methane; but equally, the fact that government officials and policy makers from nearly 200 countries actively bought into playing a stakeholder role.
Contributing to crucial conversations
We know sustainability cannot be a siloed debate that happens behind closed doors, among a select few. It should be an ongoing, active dialogue which includes all. As we’ve seen, those most vulnerable to the impacts of climate change are often the ones without a voice in making change. All stakeholders need to be involved and heard, so that we can act as a collective, for the purpose of our shared goals and responsibilities.
In the twin transition to a world that is both digital and green, technology is a key driver. As it turns out, it can also help drive discussions and actions around making that future happen. The COP26 conference leveraged technology to bring attendees together in a historic way. I am very proud of the contribution Cisco made by setting up robust networking and Webex Legislate video conferencing, so that virtual attendees could speak up alongside onsite attendees in 3,000 discussions, huddle inside conversations, and cast votes from around the globe.
With COP27 being hosted in Egypt later this year, attention is already focused on areas such as eco-friendly tourism and transportation, alongside greater efficiencies in the collection and recycling of waste to name but a few initiatives. The region will continue to lead conversations and the call for positive action, showcasing its expertise, enthusiasm and openness to collaborate when COP28 comes to the UAE in 2023. Both COP27 and COP28 will serve as a historic platform on which to elevate many of the dialogues which have already begun and continue to be accelerated during events currently taking place, such as Expo 2020 Dubai.
Inclusivity demands access
Encouraging the building of an inclusive future aboard a healthy and sustainable planet is crucial. For fighting climate change, like any other challenge, we must frame, diagnose and problem solve with input from diverse sources.
We must be inclusive in our definition of stakeholders and use innovative technologies to ensure that everyone has a say. To truly be inclusive, everyone needs access to connectivity, and the technology that empowers us to work together from anywhere. It must be utilised to the best of its, and our ability.
That way, we will have a more complete understanding, learning from experts and people affected by climate change, and ultimately, be able to garner greater stakeholder buy-in to drive the success of the projects that we lead together.
UNDER SIEGE
VMWARE REPORT FINDS CYBERCRIMINALS TARGET LINUX-BASED SYSTEMS WITH RANSOMWARE AND CRYPTOJACKING ATTACKS
As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks that target Linux-based workloads. Vmware has released a threat report titled “Exposing Malware in Linux-Based Multi-Cloud Environments.” Key findings that detail how cybercriminals are using malware to target Linux-based operating systems include: • Ransomware is evolving to target host images used to spin workloads in virtualised environments; • 89 percent of cryptojacking attacks use XMRig-related libraries; and • More than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly.
“Cybercriminals are dramatically expanding their scope and adding malware that targets Linux-based operating systems to their attack toolkit in order to maximise their impact with as little effort as possible,” said Giovanni Vigna, senior director of threat intelligence at VMware. “Rather than infecting an endpoint and then navigating to a higher value target, cybercriminals have discovered that compromising a single server can deliver the massive payoff and access they’re looking for. Attackers view both public and private clouds as high-value targets due to the access they provide to critical infrastructure services and confidential data. Unfortunately, current malware
countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems.”
As malware targeting Linux-based operating systems increases in both volume and complexity amid a rapidly changing threat landscape, organisations must place a greater priority on threat detection.
In this report, the VMware Threat Analysis Unit (TAU) analyzed the threats to Linux-based operating systems in multi-cloud environments: ransomware, cryptominers, and remote access tools.
Ransomware Targets the Cloud to
Inflict Maximum Damage: As one of the leading breach causes for organisations, a successful ransomware attack on a cloud environment can have devastating consequences. Ransomware attacks against cloud deployments are targeted, and are often combined with data exfiltration, implementing a doubleextortion scheme that improves the odds of success. A new development shows that Linux-based ransomware is evolving to target host images used to spin workloads in virtualised environments. Attackers are now looking for the most valuable assets in cloud environments to inflict the maximum amount of damage to the target. Examples include the Defray777 ransomware family, which encrypted host images on ESXi servers, and the DarkSide ransomware family, which crippled Colonial Pipeline’s networks and caused a nationwide gasoline shortage in the U.S.
Cryptojacking Attacks Use XMRig to
Mine Monero: Cybercriminals looking for an instant monetary reward often target cryptocurrencies using one of two approaches. Cybercriminals either include wallet-stealing functionality in malware or they monetise stolen CPU cycles to successfully mine cryptocurrencies in an attack called cryptojacking. Most cryptojacking attacks focus on mining the Monero currency (or XMR) and VMware TAU discovered that 89 percent of cryptominers used XMRig-related libraries. For this reason, when XMRigspecific libraries and modules in Linux binaries are identified, it is likely evidence of malicious cryptomining behavior. VMware TAU also observed that defense evasion is the most commonly used technique by Linux-based cryptominers. Unfortunately, because cryptojacking attacks do not completely disrupt the operations of cloud environments like ransomware, they are much more difficult to detect.
Cobalt Strike Is Attackers’ Remote
Access Tool of Choice : In order to gain control and persist within an environment, attackers look to install an implant on a compromised system that gives them partial control of the machine. Malware, webshells, and Remote Access Tools (RATs) can all be implants used by attackers in a compromised system to allow for remote access. One of the primary implants used by attackers is Cobalt Strike, a commercial penetration testing and red team tool, and its recent variant of Linux-based Vermilion Strike. Since Cobalt Strike is such a ubiquitous threat on Windows, the expansion out to the Linux operating system demonstrates the desire of threat actors to use readily available tools that target as many platforms as possible.
VMware TAU discovered more than 14,000 active Cobalt Strike Team Servers on the Internet between February 2020 and November 2021. The total percentage of cracked and leaked Cobalt Strike customer IDs is 56 percent, meaning that more than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly. The fact that RATs like Cobalt Strike and Vermilion Strike have become a commodity tool for cybercriminals poses a significant threat to enterprises.
“Since we conducted our analysis, even more ransomware families were observed gravitating to Linux-based malware, with the potential for additional attacks that could leverage the Log4j vulnerabilities,” said Brian Baskin, manager of threat research at VMware. “The findings in this report can be used to better understand the nature of Linux-based malware and mitigate the growing threat that ransomware, cryptomining, and RATs have on multi-cloud environments. As attacks targeting the cloud continue to evolve, organisations should adopt a Zero Trust approach to embed security throughout their infrastructure and systematically address the threat vectors that make up their attack surface.”
