emt News Desk
emt Distribution is featured in a number of channel and security publications, with vendor announcements, industry insights and cyber security specific commentary. Stay up to date with all the emt Distribution news and check in regularly.
Crayon’s emt Distribution Strengthens Email Cloud Security for Partners in APAC with New Hornetsecurity Distri Agreement
ANZ Channel, emt, News, Press ReleaseCrayon Fortifies ‘Journey to Value’ for Partners with Extended Cybersecurity Services
ANZ Channel, emt, News, Press ReleaseCrayon Advances Its Regional Channel Integration Strategy: Adds nine vendors to security portfolio.
ANZ Channel, emt, News, Press ReleaseAutomox Joins Crayon to Enhance IT Operations Management Capabilities of emt Distribution and rhipe Partners
ANZ Channel, emt, News, Press ReleaseCybersecurity expert, DNSFilter, joins the emt Distribution a Crayon company vendor portfolio
ANZ Channel, emt, News, Press Releaseemt Distribution partners with BlackBerry to strengthen cybersecurity offering in Australia and New Zealand
ANZ Channel, BlackBerry, News, Press Releaseemt Distribution brings iboss Zero Trust cloud security platform to Australia, New Zealand, Singapore and Hong Kong
emt, iboss, News, Press Releaseemt Distribution brings Axiomatics and its leading dynamic authorisation solutions to Asia, Australia and New Zealand
Axiomatics, emt, NewsAISA CyberCon 2021 Wrap-up
ANZ Channel, emt, News, Stealthbits, ZeroFoxZeroFox deepens ANZ market expansion in new partnership with emt Distribution, a rhipe company
ANZ Channel, emt, News, ZeroFoxOrchestra Group’s Harmony solutions manage protection, prevent malicious WiFi, Bluetooth and IoT threats, and continuously test cybersecurity controls!
ANZ Channel, emt, News, OrchestraAdelaide, Australia – 12 April 2021: Cybersecurity specialist, emt Distribution, now part of rhipe, today announced that Israel-based Orchestra Group – which provides cybersecurity platforms for seamless cybersecurity management and operations – has expanded its reach to include Australia, New Zealand and APAC, with a new distribution agreement.
emt Distribution, a leading value-added distributor, offers cybersecurity solutions that address the Australian Signals Directorate’s top four mitigation strategies – dubbed Catch, Patch and Match – as well as the broader strategies in the Australian Government’s Information Security Manual (ISM).
emt now offers the full range of Orchestra Group’s Harmony solutions to channel partners, MSPs and MSSPs. They include the Harmony IoT solution, which accurately identifies and prevents, in real-time, malicious airborne threats through the attack surfaces of WiFi, Bluetooth and IoT devices. Harmony IoT provides enterprise-grade defence that quickly and easily identifies, monitors and protects all smart connected devices operating within and around the protected area as well as the ability to comply with related organisational policies and industry regulation.
Meanwhile, Harmony Purple serves as a combined, automated red team and blue team within the organisation’s networks. Harmony Purple provides next generation, enterprise-level security tools that continuously analyse and prioritise the threats, in order to create the most effective cyber risk mitigation strategies.
“Effectively identifying threats against a dispersed wireless network with remote or on-the-move workers, multiple locations and a plethora of connected devices has been almost impossible in the past,” said Scott Hagenus, Senior Sales Manager for emt Distribution. “Orchestra Group’s Harmony IoT makes massive headway into solving this problem.
“Harmony IoT gives full visibility into what networks and devices pose a threat and are interacting with a business’s network of interest. It also provides a defensive capability. The ability to block wireless borne attacks for organisations of all sizes is a huge win,” said Hagenus.
“In addition, Harmony Purple’s ability to test the effectiveness of security controls and their weak points allows organisations to continuously adjust their defences for the best security posture achievable with their current infrastructure.”
The new partnership with emt Distribution further extends Orchestra’s distribution network which already covers the EMEA, North America and South America regions.
“Australia, New Zealand and Asia Pacific are focus markets in Orchestra Group’s growth plan,” said Yair Poplawski, GM of Orchestra’s APAC branch. “emt Distribution represents all the qualities we are looking for in a value-added distributor. It has a highly experienced team with a thorough understanding of the unique needs of users in the region as well as strong professional chain of resellers to support them. This new partnership is an important step in building our presence in the region.”
“emt Distribution is delighted to add Orchestra’s Harmony Platform and security solutions to our cybersecurity portfolio,” said Richard Rundle, CEO of emt Distribution. “Australian and New Zealand CISOs are facing an increasingly complex threat landscape as they try to protect their organisations. Offering these services to MSPs and MSSPs looking to further assist their clients improve their cyber security posture with tangible results will help strengthen their position as trusted security partners.”
Learn more about Orchestra Group’s Solutions Harmony IoT & Harmony Purple
Read this Story in ARN; Read this Story in CRN
emt distribution acquired by rhipe
NewsGlobal software distributor rhipe has acquired emt distribution to expand its cybersecurity-focused offerings. rhipe is best known as the Cloud Channel Company, providing licensing, business development and knowledge services that support services providers, system integrators and software vendors to accelerate the adoption of the cloud by end customers.
About Rhipe:
Founded in 2003 as NewLease the business has grown to become the leading cloud software licensing expert in the Asia-Pacific region. From the outset rhipe has specialised in supporting the service provider community in their adoption of the Cloud. This was focused on subscription software licensing models from international vendors. As the cloud has gained traction across the industry rhipe has extended their offerings to include additional subscription licensing programs as well as more traditional programs that have become more “Cloud friendly” e.g. Microsoft Dynamics and other Microsoft volume license programs (LSP/LAR).
A unique player in the field of software distribution, rhipe is focused on enabling and accelerating adoption of the Cloud, creating a powerful combination of company culture and core competencies, without conflicts from existing revenue models or direct to end customer service offerings.
Media Release: https://www.arnnet.com.au/article/687349/rhipe-buys-emt-distribution-11m/
emt Distribution brings leading enterprise-level Netsparker dynamic application security testing solution to ANZ and APAC
Acunetix, ANZ Channel, Netsparker, NewsWith enterprise functionality and unrivalled accuracy, Netsparker complements Acunetix web vulnerability scanning solution that meets the needs of SMBs
Adelaide, Australia – 18 November 2020: Cybersecurity specialist, emt Distribution, today announced that it will bring the Netsparker enterprise-level dynamic application security testing (DAST) solution to Australia, New Zealand and the Asia Pacific region under an expanded distribution agreement.
emt Distribution also offers the Acunetix web vulnerability scanning solution that cost-effectively meets the needs of small and medium businesses (SMBs). Both solutions deliver web application security, with the enterprise-level Netsparker focusing on absolute accuracy and automation. emt’s Adelaide and Singapore offices will now offer the full range of Netsparker and Acunetix solutions to channel partners, MSPs and MSSPs.
emt Distribution, a leading value-added distributor, offers cybersecurity solutions that address the Australian Signals Directorate’s top four mitigation strategies as well as the broader strategies in the Australian Government’s Information Security Manual (ISM).
Netsparker is designed so that enterprises can fully automate all their web security processes – including automatic vulnerability assessment, and automatic discovery and protection of web assets – so they can avoid resource-intensive manual processes. With Netsparker reports, enterprises can also meet their compliance requirements.
Netsparker is the only product that delivers automatic verification of vulnerabilities. Its Proof-Based Scanning™ technology safely exploits any vulnerabilities found, generating a proof-of-exploit or proof-of-concept to rule out false positives. Users do not have to manually verify findings and can immediately proceed with the fixing of security flaws.
Netsparker scans any type of web application, provides actionable results, and integrates with company workflow tools to close the loop between IT and developers. Its built-in team management and vulnerability management features enable enterprises to create roles, assign issues, overview the remediation process, and retest after completion.
Under the expanded distribution agreement, emt Distribution will invest additional on-the-ground support and educational resources for both Netsparker and Acunetix in the region. This will see emt Distribution provide qualifying resellers with proof-of-concept keys, easy access to product trials, and assistance with customer demonstrations, all within a 24 hour turnaround time.
“emt Distribution is delighted to add Netsparker to our web vulnerability scanning and dynamic application security testing portfolio,” said Shane Mahney, General Manager of emt Distribution. “Our channel partners will be able to deliver even higher levels of accuracy and automation for their enterprise customers. It will give them a high-end alternative to Acunetix, which has proved very successful in meeting the security needs of web application developers, development operations teams and SMBs.”
“We are excited to be working with emt Distribution to expand our presence in Australia, New Zealand and the Asia Pacific region,” said Kevin Abela, VP of Global Channel Development at Invicti Security, owner of the Netsparker and Acunetix brands. “With cyber security risks continually on the rise, we want to ensure the best possible reach and support to make our customers’ web applications as secure as possible.”
About emt Distribution
emt Distribution is an Adelaide-based value added distributor and vendor representative with a presence in Australia, Singapore, Hong Kong, Philippines, UAE and South Africa. It also works closely with like-minded distributors in the UK, Netherlands and Germany. emt offers cyber security solutions that address the top four mitigation strategies to prevent cyber security incidents, the broader strategies in the Australian Government’s Information Security Manual (ISM) and solutions to address Cyber Threat Management.
emt Distribution assists channel partners, MSPs and MSSPs to deliver cyber security solutions their customers need. emt offers pre and post-sales support, channel development, engaged sales processes and marketing assistance for both vendors and channel partners. See: www.emtdist.com
Media Contact
Chris Bowes
Bowes Communications
+61 (0)2 9387 2332
[email protected]
emt Distribution Signs bluedog Security Monitoring to Bring Affordable Cybersecurity Services to SMBs in ANZ and APAC
emt, News, Press Releasebluedog disrupts security monitoring market, putting enterprise-level services within reach of all organisations, including small and medium businesses
Adelaide, Australia & Singapore – 13 October 2020: Cybersecurity specialist, emt Distribution, today announced that UK-based bluedog Security Monitoring – which aims to make monitoring services accessible to businesses of all sizes – has expanded its reach to include Australia, New Zealand and Asia Pacific with a new distribution agreement.
emt Distribution, a leading value-added distributor, offers cybersecurity solutions that address the Australian Signals Directorate’s top four mitigation strategies – dubbed Catch, Patch and Match – as well as the broader strategies in the Australian Government’s Information Security Manual (ISM).
bluedog, which is headquartered in London with a security operations centre in Manila, is disrupting the market for security monitoring. The company provides a level of network protection typically only afforded by large corporations, putting it within reach of all organisations. This includes offering high quality technology, support and service to small and medium businesses (SMBs), helping protect them from cyber threats.
emt’s Adelaide and Singapore offices now offer the full range of bluedog’s solutions to channel partners, MSPs and MSSPs. They include the popular bluedog Microsoft® Office 365™ Monitoring, a low cost work-from-home solution that allows organisations with remote workers to protect their data – the only one of its type backed by a live security team.
Meanwhile, the bluedog virtual Chief Information Security Officer (vCISO) service provides access to an experienced security professional to assess risk and ensure compliance with standards; while the managed detection and response (MDR) service allows even small organisations to have the reassurance of 24-hour monitoring.
“Fixing incidents after they have happened is notoriously difficult and expensive, and can be massively disruptive to organisations with limited cybersecurity resources,” said Shane Mahney, General Manager of emt Distribution. “Organisations need a collaborative range of systems and support services to fight cyber attackers effectively. bluedog provides a robust stack of preventive solutions to fill the gaps many organisations have.”
The new partnership with emt Distribution further extends bluedog’s distribution network which already covers Europe, the Middle East, India, Malaysia and the Philippines.
“Australia, New Zealand and Asia Pacific are key markets for bluedog,” said Paul Lomax, CEO of bluedog. “emt Distribution has a highly experienced team with a thorough understanding of the needs of users in the region. This new partnership is an important step in building our worldwide network.”
“emt Distribution is delighted to add bluedog’s advanced network security solutions to our cybersecurity portfolio,” said Richard Rundle, CEO of emt Distribution. “bluedog’s entry into the region gives our channel partners and their customers access to a new level of cybersecurity protection with enterprise-grade sophistication at an accessible price point.”
About bluedog Security Monitoring
Privately held and headquartered in London UK, bluedog Security Monitoring provides essential cybersecurity technology that helps businesses to monitor, protect and secure their business systems. Our people deliver insight and provide solutions to security issues across business networks, safeguarding the employees, customers and reputation of any business. For further information see www.bluedog-security.com.
About emt Distribution
emt Distribution is an Adelaide-based value added distributor and vendor representative with a presence in Australia, Singapore, Hong Kong, Philippines, UAE and South Africa. It also works closely with like-minded distributors in the UK, Netherlands and Germany. emt offers cyber security solutions that address the top four mitigation strategies to prevent cyber security incidents, the broader strategies in the Australian Government’s Information Security Manual (ISM) and solutions to address Cyber Threat Management.
emt Distribution assists channel partners, MSPs and MSSPs to deliver cyber security solutions their customers need. emt offers pre and post-sales support, channel development, engaged sales processes and marketing assistance for both vendors and channel partners. See: www.emtdist.com
Media Contact
Chris Bowes
Bowes Communications
+61 (0)2 9387 2332
[email protected]
emt Distribution signs Layer 8 Security to address the human dimension of cyber risk prevention
NewsReseller partners can offer first fully measurable Security Behaviour Framework and Cyber Escape Room training adventures in Australia, New Zealand and Asia
Adelaide, Australia – 18 February 2020: Cyber security software specialist, emt Distribution, today announced an agreement with Australian company, Layer 8 Security to offer a complete suite of security awareness solutions leveraging progressive training techniques to effectively improve human response to cyber attacks.
Layer 8 Security developed the first fully measurable Security Behaviour Framework and Cyber Escape Room training adventures in Australia, New Zealand and Asia as part of its security awareness suite. These address the shortcomings of traditional security awareness training programs which typically tick a compliance box without effectively preventing cyber attacks.
“Security awareness training should be more than an annual one-size-fits-all computer-based training course and a simulated social engineering attack,” said Robert de Haan, CEO and Founder of Layer 8 Security. “To truly address the human dimension of cyber risk prevention, measurements of each individuals’ attitude, behaviour, culture and knowledge must be taken into account.”
Layer 8 Security’s Security Behaviour Framework employs a cyclical model of assessment, education, reinforcement, and measurement. Individuals are tested at different times from receiving training, for example, to properly understand how they have progressed. “Our framework has helped our customers change behaviours within their organisations and reduce the damage caused by cyber criminals, malware infections and phishing attacks by up to 90%,” said de Haan.
Layer 8 Security’s Cyber Escape Room training adventures, like other parts of the solutions suite, address local standards, requirements and cyber risks. Embedded lessons cover areas such as passwords, physical security, remote access and mobile devices. They also function as team building events and dramatically improve knowledge retention which can be as low as 5-10% using computer-based training alone.
“Knowledge retention is key to a successful cyber security awareness program,” said Scott Hagenus, CMO for emt Distribution. “Government initiatives and compliance regimes often recommend or require cyber security awareness training. But if you want this stuff to stick, and get an actual improvement in cyber risk prevention, Layer 8 Security is a better choice.”
Under the agreement, emt Distribution will execute a 100% channel strategy and expand Layer 8 Security’s existing base of IT Security resellers in Australia, and recruit partners in New Zealand and Asia as well. emt is implementing a broad channel program with ongoing lead generation and pre-sales support. This builds on the channel program created by Layer 8 Security when it moved to a 100% channel sales model in 2019.
The security awareness training market exceeds A$1.5 billion globally with annual growth of about 13%, according to research firm Gartner. Layer 8 Security doubled staff numbers and more than doubled revenues in the last year. “I expect that growth to accelerate with the partnership between Layer 8 Security and emt Distribution,” said de Haan.
As well as receiving additional revenue with healthy margins in a growing segment of the cyber security market, Layer 8 Security partners benefit in other ways.
The company’s Security Behaviour Framework includes a gap analysis which identifies issues partners can address through other cyber security solutions. This deepens customer engagement and leads to additional business opportunities. Partners also receive cyber security awareness training as part of their enablement program, helping to give them a good understanding of how their customers will benefit.
About emt Distribution
emt Distribution is an Adelaide-based value added distributor and vendor representative with a presence in Australia, Singapore, Hong Kong, Philippines, UAE and South Africa. It also works closely with like-minded distributors in the UK, Netherlands and Germany. emt offers cyber security solutions that address the top four mitigation strategies to prevent cyber security incidents, the broader strategies in the Australian Government’s Information Security Manual (ISM) and solutions to address Cyber Threat Management.
emt Distribution assists channel partners, MSPs and MSSPs to deliver cyber security solutions their customers need. emt offers pre and post-sales support, channel development, engaged sales processes and marketing assistance for both vendors and channel partners. See: www.emtdist.com
Media Contact
Chris Bowes
Bowes Communications
+61 (0)2 9387 2332
[email protected]
Third time win for emt Distribution at Thycotic International Partner Conference
NewsAdelaide, Australia – 1 November 2019: emt Distribution received multiple awards for the third time running at Thycotic’s Partner Conference, Unlocked, held in Monaco 15th – 17th October. Adelaide based emt Distribution was awarded International Distributor of the Year, 2019 with 91 of Thycotic’s distributors and partners attending from multiple regions including Europe, Middle East, Africa and Asia Pacific. This is emt Distribution’s second win as International Distributor of the Year since bringing Thycotic on board as an ANZ vendor partner in July 2016.
This award is noteworthy as it is a recognition of the outstanding efforts and results emt has driven in ANZ over the last 12 months. It rides on the back of its 2017 win of the same award in Alicante, Spain and also of the International Pre-sales and International Pro Services Champion awards in 2018 at Unlocked in Nice, France. emt was also awarded International Pre-sales Champion for 2019.
“We are absolutely delighted with our awards and truly appreciate the recognition of the success we have had with Thycotic in the region,” Scott Hagenus, CMO of emt Distribution said. “We have consistently demonstrated that with the right mix of resources, focus, strategy and determination, significant growth is achievable.”
Hagenus further stated that, “Thycotic’s underpinning technology and ability to address real world security challenges in privileged access management is exceptional. Coupled with our outstanding channel, there is a lot more to achieve in the region.”
There was further recognition of ANZ at Unlocked as emt and Thycotic partner, A23 also received recognition for International Deal of the Year! Canberra based A23 is a consulting and professional services IT firm who was the first in the region to be invited and accredited as Thycotic Professional Services certified. This award recognises A23’s ability to meet customers’ needs with the right solutions and also implement them at the highest level, which gives them significant competitive advantage.
“This is an exciting time for Thycotic in ANZ as it continues to grow and we expand and create more opportunities within the channel. We continue to look forward to creating strong partnerships in the region and consistently deliver great value,” said Andrew McAllister, Regional Director for Thycotic ANZ.
AusCert 2019
emt, NewsWe are excited to be exhibiting at the AusCert Conference 2019 at the Surfers Paradise Marriott Resort & Spa, Swing by booth 37 to say hello to the team and booth vendors – Flashpoint, ThreatConnect and VMRay.
Exhibiting at the conference is also our other vendors – Thycotic and Airlock
AusCert 2019 is a great opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers in ANZ community.
Hands-on sessions, keynotes and informal gatherings allow attendees to tap into a smart, forward-thinking community that inspires and empowers the cyber security community in Australia and New Zealand. Learn more about AusCert2019 here
Refirm Labs Signs emt Distribution
Newsemt Distribution brings ReFirm Labs to Australia and New Zealand to counter growing cyber threats to devices and the IoT
Agreement allows reseller partners to offer Centrifuge Platform™ to secure Internet-connected devices from routers and security cameras to light bulbs
Adelaide, Australia – 23 April 2019: Cyber security software specialist, emt Distribution, today announced an agreement with U.S.-based ReFirm Labs to bring its Centrifuge Platform™ to Australia and New Zealand for vetting, validation and monitoring of organisations’ firmware security.
emt Distribution will execute a 100% channel strategy in the region, working with partners to market and support the Centrifuge Platform so organisations can counter the cyber threat to growing numbers of Internet-connected devices from routers and security cameras to light bulbs and refrigerators.
According to ReFirm Labs, cyber security standards have not kept pace with rapid Internet of Things (IoT) adoption. Firmware within devices is vulnerable to attacks that are difficult to predict or protect against, placing an organisation’s customers, finances and reputation at risk. Current security measures don’t effectively protect firmware, and fail to proactively address vulnerabilities before it’s too late.
Among the challenges faced by organisations is meeting the demand for IoT devices with the confidence that they do not pose a security risk. The entry of ReFirm Labs into the region closes this security gap for enterprises, government agencies and operators of critical infrastructure.
ReFirm Labs’ Centrifuge Platform gives organisations confidence in the security of their devices and IoT deployments. With no source code required, continuous monitoring, API integration and actionable reporting, organisations can address IoT vulnerability concerns, and make informed purchasing and deployment decisions.
“ReFirm Labs lines up with our focus on sourcing and delivering innovative solutions for cyber security vulnerabilities that mainstream technologies don’t address,” said Scott Hagenus, CMO at emt Distribution. “The fact that organisations with a heavy reliance on IoT devices can vet firmware images for vulnerabilities in around 30 minutes, without requiring source code, brings confidence to the choices they make.”
Channel partners looking to lower the cyber risks of organisations reliant on potentially vulnerable devices can leverage emt Distribution’s resources to assist with everything from discovery meetings to demonstrations, pre-sales engineering and solutions implementation.
“emt Distribution’s knowledge of the cyber security market, long-term relationships with channel partners and technical expertise give us the capability to meet the growing demand for firmware security solutions in Australia and New Zealand,” said Derick Naef, CEO at ReFirm Labs.
“emt Distribution is delighted to add device and IoT firmware security to our broad cyber security solutions set,” said Richard Rundle, CEO at emt Distribution. “ReFirm Lab’s entry into the region gives our channel partners and their customers access to a new level of cyber security sophistication and maturity in an area that is often overlooked.”
About ReFirm Labs
ReFirm Labs provides the industry’s first IoT and firmware security solutions that proactively vet, validate and continuously monitor IoT devices for hidden threats. Its flagship product, Centrifuge Platform®, detects and reports potential zero-day exploits, hidden crypto keys, backdoor passwords and known vulnerabilities in IoT devices without needing access to source code. ReFirm Labs’ technology has been proven to provide the insight and intelligence needed for users to proactively defend connected devices and maintain compliance and the integrity of supply chain security. Founded by a team of former NSA offensive cyber operators, ReFirm Labs is trusted by government agencies and Fortune 500 companies that operate in a wide variety of industries, including: telecommunications, cloud infrastructure and data centers, automotive, health care, utilities and manufacturing. For more information, visit www.refirmlabs.com or follow on Twitter @ReFirmLabs.
About emt Distribution
emt Distribution is an Adelaide-based value added distributor and vendor representative with a presence in Australia, Singapore, Hong Kong, Philippines, UAE and South Africa. It also works closely with like-minded distributors in the UK, Netherlands and Germany. emt offers cyber security solutions that address the top four mitigation strategies to prevent cyber security incidents, the broader strategies in the Australian Government’s Information Security Manual (ISM) and solutions to address Cyber Threat Management.
emt Distribution assists channel partners, MSPs and MSSPs to deliver cyber security solutions their customers need. emt offers pre and post-sales support, channel development, engaged sales processes and marketing assistance for both vendors and channel partners. See: www.emtdist.com
Media Contact
Chris Bowes
Bowes Communications
+61 (0)2 9387 2332
[email protected]
What do ASD Essential Eight changes mean for your organisation’s security
Cybersecurity, emt, News, Top 4By Alex Duffy, Security Solutions Architect, emt Distribution
The recent (25/2/19) and unexpected update to the Australian Signals Directorate’s Essential Eight Maturity Model serves to keep the ASD’s guidelines relevant going forward and address the latest weak points in IT security. What stays the same though is the ASD’s guidance on practical updates on how to stay ahead.
While these guidelines are specifically relevant to federal government organisations’ critical infrastructure they are now being pushed indirectly to contractors or businesses who work with the federal government. But even though these guidelines may not be mandatory for private businesses, they are best practice. If they are good enough to safeguard our political, defence and economic interests as a nation, they should be appropriate to safeguard our businesses from the majority of possible cyber security attacks and incidents.
This recent update sees fewer restrictions around patching but a higher level of control on Application Whitelisting which has now been extended to all workstations for levels 1 and 2 of the maturity models. Multi Factor Authentication no longer permits the use of SMS, emails or voicemails for level 1 maturity and specifically states a requirement for passwords to be longer than six characters at all levels.
But what does this actually mean for today’s IT professionals?
These changes reflect the changing priorities required to address today’s threat landscape. With the loosening of controls around patching, the ASD acknowledges the balancing act that security personnel must perform in certain environments. There is definite acknowledgement of the dilemma faced where patching may break functionality vs maintaining a secure environment and strict adherence. A reduction in the burden on already overworked IT admins meeting requirements while allowing better automation is removing overhead while not reducing security.
The higher importance placed on Application Whitelisting definitely reflects what we see in the marketplace. With Application Whitelisting now available as a mature solution it is reasonable to expect organisations to use it across their entire environment. Increased visibility alone of endpoint applications makes life easier for security, helpdesk and management alike stopping more endpoint threats before they reach any part of the network.
Combined focus on patch automation and increased scope of Application Whitelisting we also see as acknowledgement of a more distributed workforce need for security and higher difficulty in controlling remote endpoints.
The more specific wording for Multi Factor Authentication also recognises how threat actors are now working around basic MFA and endeavours to close those weak spots.
There are now only three maturity levels instead of the original five: Partly (level 1), Mostly (level 2) and Fully (level 3) aligned. Level 0 is no longer listed as it doesn’t meet even the most minimal criteria and level 4 is only required on an ad hoc basis depending on advice from the ASD. These changes assume that organisations will now at least begin to adhere to these standards to a degree and give a clear path to full alignment at level 3.
The biggest takeaway from this update appears to be that it is no longer reasonable for a business entity to not address the Essential Eight, especially with the removal of level 0. If a business has not yet met the criteria for level 1 then its current security measures are faulty and need immediate remediation.
We welcome this specific update because it reflects what our customers have been demanding already. emt’s focus on security solutions addresses the Essential Eight and beyond to ensure our customers’ networks are ahead of requirements using the latest technologies. We already have solutions that address the Top 4 – Airlock Digital, Flexera, Stealthbits, and Thycotic.
Read more about our solutions for Top 4 mitigations at https://www.emtdist.com/solutions/australian-signals-directorate-top-4-mitigations/
Flashpoint Intelligence on APAC-ANZ Cyber Activity to Guide Upcoming Risk Decisions
Cybersecurity, emt, Flashpoint, NewsAuthor: Aaron Shraberg, Flashpoint
Geopolitical and economic tensions between the United States, China, and North Korea figure to steer risk management decisions in the Asia-Pacific region for the coming months. Organisations, such as some recently targeted financial services institutions in Australia and New Zealand, should closely monitor cyber and political activity in the area.
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC. While most threat actors targeting organisations in the region are financially motivated, nation-state activity remains a potent threat against government and diplomatic entities, as well as financial organisations as nations such as North Korea continue to fund operations through hacking.
Political and Economic Events to Watch
As 2019 progresses, the ongoing trade conflict between the U.S. and China could spur an uptick in cyber activity against the U.S. and its closest Five Eyes allies, further eroding the Xi-Obama agreement to cease China’s industrial espionage activity for economic gain.
Last year, a limited number of named APT outfits operating in the region were alleged to be behind high-profile compromises and thefts of data and/or funds from global financial institutions, attacks on various multinational firms via third-party providers, and campaigns against the cryptocurrency industry.
North Korea is likely to remain a stressor in the region. It is unlikely to unilaterally disarm its nuclear program, and will likely ramp up its cyberattacks against APAC, ANZ, and Western financial institutions, as well as cryptocurrency exchanges in order to finance the regime and its activities. Organisations should also monitor unresolved disputes over ownership and militarisation of parts of the South China Sea, debates over the integrity of Huawei and ZTE devices in Western networks, and other events in the region that could impact businesses in ANZ and APAC.
While some criminal organisations operating in ANZ and APAC are believed to be behind Eastern European outfits in terms of experience and capabilities, APT activity from China and North Korea is considered highly advanced. Organizations in the region should be aware of campaigns linked to criminal or nation-states in the area, and some of the tactics, techniques, and procedures (TTPs) employed by these groups.
Advanced TTPs Coming out of APAC-ANZ
Some TTPs include commonplace first-stage attacks such as phishing or spear-phishing emails and watering hole attacks. These groups also have at their disposal banking Trojans, malware that seeks out and steals credentials, and ransomware, among others. Many criminal groups are proficient in activity to facilitate carding and reshipment fraud, the theft and sale of personally identifiable information, as well as more technically involved operations, including the sale of compromised RDP hosts, developing proxy and anonymization tools (to circumvent law enforcement and censorship efforts), and other tactics to carry out fraud.
Some attackers are also making use of publicly available exploits for common vulnerabilities in Apache Struts, Oracle products, Adobe Flash, Microsoft Office and others. Most of these vulnerabilities have already been publicly disclosed and patches are available, meaning that threat actors are opportunistic in the region, capitalising on lax patching efforts, or under-resourced IT organizations to exploit these security flaws.
Already this year, financial institutions in Australia, Japan, and elsewhere have reported being targeted by a new spam campaign using the Hancitor dropper to infect machines with the Gozi information-stealing malware. Gozi, also known as Ursnif, packages up banking and other account credentials from an infected machine and exfiltrates them to an attacker-controlled server. Variants of the banking malware have been active since 2014 and frequently target Microsoft Office vulnerabilities to gain a foothold on unpatched machines.
Malware-based attacks aren’t the only means of profit for threat actors in the region. Late last year, several Chinese-language Deep & Dark Web forums contained posts advertising the availability of fraudulent identification cards from Australia, New Zealand, several locations in Europe, as well as North America. The fraudulent documents would allow, in some regions, the ability to travel without additional visas, vote in elections, or open bank accounts, for example. Another post also advertised processing of identifications and passports from Australia, New Zealand, Canada, France and Germany, opening the door to citizenship in some of those locations, in addition to the previously mentioned capabilities.
Assessment
Enterprises in Asia-Pacific, Australia, and New Zealand will have impending risk management decisions guided in some part by the fragile geopolitical and cyber climate in the region. As the U.S., China, and North Korea tug at each other’s shirttails in cyberspace and in the political arena, businesses will continue to be targeted by criminal and state-sponsored outfits operating in APAC and ANZ. Any erosion of these diplomatic or economic relationships will trickle down to businesses in the area, and threat activity targeting countries and companies in APAC-ANZ will be influenced accordingly.
About the Author
Aaron Shraberg is Senior Analyst on the Asia-Pacific intelligence team at Flashpoint. He speaks Mandarin and specialises in analysing key trends, threat actors, and campaigns emanating from the region, with an emphasis on China. Prior to Flashpoint, Aaron held roles in foreign policy and national security research for organisations including the Institute for International Economic Policy, DGI, and Kharon. He received a bachelor’s degree in literature from the University of Kentucky and a master’s degree in Asian studies from The George Washington University.
Flashpoint empowers organisations worldwide with meaningful intelligence and information that combats threats and adversaries. Headquartered in New York, Flashpoint has offices in Melbourne, Australia and is distributed in Oceania and South East Asia by emt Distribution.