From Daniel Kanu
The Head of Security Operations Centre at the Central Bank of Nigeria, (CBN), Ifeanyi Jude Muonagor, said the bank’s deployment of cyber deception solution in 2017, has yielded positive results.
Muonagor, who spoke virtually at a one day event held in Lagos on the topic, ‘Importance of deception technology and identity security,’ said 80 per cent of system breaches have been linked to compromised credentials.
The event was organized by a Nigerian tech firm, InfoData Professional Services, in collaboration with Attivo Networks.
Muonagor said cyber-attack is so easy to conduct, making it hell for security personnel to deal with all the various incidents coming through with security protection mechanism that have not been full proof. “But with deception solution, it helps the security professional to gain the knowledge of what the attacker was coming to do,” he said.
He added: “In 2017, we (CBN) identified the need for cyber deception technology and we moved with a particular solution. I will not mention names because I am not campaigning for any particular vendor. But we found out that there were fewer activities because of the deployment model.”
In his presentation, a Cyber Security Expert and Lead System Engineer at Attivo Networks, Osama Al-Shatnawi, said cyber-attacks do more damage than conventional warfare. “Everything can be done literally. A single bank lost $70 million dollars through a cyber-attack. I can tell you about electricity companies. Just look at what happened to Ukraine. Power was cut for the whole nation because of the cyber-attack. Any damage can happen due to cyber-attacks and that is why we need to take security seriously.”
Al-Shatnawi said based on different market analysis that have been done by different entities using Attivo with other solutions in place, their detection and protection capability has enhanced by 42 per cent.
Wayne Forsman, the Territory Manager at Attivo Networks, explained why cyber security breaches were on the increase. “Conventionally, we set up a wall around our network, web security, email, next-generation firewalls. But effectively, by not protecting Active Directory (a Microsoft tool used to access networks and other applications), you’ve left the door open.”
He said 80 per cent of current attacks are through Active Directory, the reason why it must be protected. “In order to secure something, you really need to know about it. First, we have an Active Directory assessor which gives you full visibility into Active Directory. It will give you all the vulnerability and mitigation steps to effectively make Active Directory more secure. However, you also need to protect your information, the various profiles created for a user to have rights to a system – passwords, username. You need to protect that information. As for the current gaps, no solution is protecting the information on the Active Directory, which is the gap Attivo has closed.”
According to the President of Infodata Professional Services Global, Chuks Ulu Udensi; “Our commitment to delivering security solutions that are intuitive, intelligent and relevant to the realities of today’s business-critical infrastructure is further bolstered by our partnership with Attivo Networks”.
He said Solutions such as identity detection and response (IDR), IEV and others within the Attivo ThreatDefend®️ Platform gives users the ability to deploy decoy and deception technologies as well as an expanded portfolio of solutions that address the challenges of increased attack destructiveness for a globally distributed workforce as cloud-based solutions drive enterprise business productivity, profitability and efficiencies.
Mr Ulu Udensi further reiterated Infodata’s commitment to the African Technology Landscape, noting:“ We will continue to build, adopt and develop resources and solutions that ensure that our customer’s enterprise infrastructure is stable, secure, predictive and adaptive to the realities of today’s global constantly-evolving threat landscape.
Info Data Regional Solutions Manager, Eze Osiago, explained why the partnership with Attivo Solutions. “Attivo deceptive solution is one of its kind. We have EDRs that do prevention but scenarios where the attacker is already inside, we currently do not have solutions that will detect the malicious insider or the attacker who is already inside. So, Attivo is that missing gap that comes in to say let’s do a scan around and spot anomalies to spot people who are misusing privileges,” he said.
Among the participants at the event were security professionals for various Nigerian financial institutions and other firms.
Michael Nnamdi, a systems security expert with Polaris bank said he gained so much about identity protection and Active Directory security. “I will say that the idea by Attivo is really an interesting one. The idea of trying to protect these credentials, knowing that it is actually the gate to the kingdom,” he said.
Another participant, Kingsley Ozokwo from the information security department at Stanbic IBTC, said learning about how better to secure the Active Directory, is a very valuable experience.
“Active Directory is a major asset for any organization. The fact that there is a lot that can go wrong in that space is the reason we are here. I enjoyed the fact that this is moving us away from the traditional block and restrict, which is virtually what security is all about, to learn from the attackers themselves,” he said.