Guest post by Sam Bocetta!
Sam is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyberwarfare, cyberdefense, and cryptography.
Another day, another major data breach. This time, it’s from Capital One bank, a major credit card company based out of McLean, Virginia. Although the hacker in this case was found and arrested in record time, this breach could have been detected before some 100+ million customers had their data accessed.
The breach was caused, according to the best information we have at the moment, by an insider (former employee of the web hosting company) who obtained the AWS IAM keys for a Capital One S3 bucket. That’s a pretty embarrassing mistake to make for a huge, multinational financial services company, and so it’s no surprise that all the companies involved in the breach are blaming each other. The fact remains, though, that someone messed up, and that the breach could have easily been avoided.
On July 19, 2019, a former employee of Amazon Web Services accessed credit card applications submitted to the company between 2005 and earlier this year. The database contained names, addresses, and other personal information of 106 million customers in the US and Canada.
While the company claims that there’s no evidence that the breach was for financial gain or to disseminate the information, there is some evidence that the hacker, Paige Thompson of Seattle, toyed with the idea of releasing the information for sale on the dark web on several forums. It has also been reported that she may have breached more than 30 organizations.
The database was accessed due to a configuration vulnerability which was discovered by an outside cyber security firm on July 19. Capital One released an apology to customers and offered free credit monitoring and identity protection for one year to those affected. While no customers have been harmed financially so far, Capital One is expected to lose between $100 million and $150 million in breach mitigation costs.
In some ways, the Capital One breach is a typical example of how data breaches occur in 2019. Two features of the hack have become depressingly familiar in recent years: it seems to have been motivated by a disgruntled employee who still had access to critical systems, and could have been prevented had Capital One been following basic security precautions.
Capital One is among the first credit card companies to move fully to a public cloud-based business model. They hired Amazon Web Services, one of the oldest cloud computing companies, to manage their platform. The company states that there was no flaw on their end. A misconfigured firewall on the server side of the equation was to blame.
Thompson was able to access data that Capital One had stored on servers maintained by their cloud provider. These servers are protected by firewalls that automatically detect and shut down any incoming connection from a non-trusted source. That’s what should have happened in this case, had someone not forgotten to configure the firewall properly.
Though Capital One was quick to point the finger of blame at AWS, Amazon just as quickly denied the charge: “The perpetrator gained access through a misconfiguration of the web application and not the underlying cloud-based infrastructure,” an Amazon spokesperson said in a statement.
Cybersecurity experts agree. Several experts told the Houston Chronicle that the mistake is far more likely to have occurred within Capital One. They also noted that had the servers undergone proper penetration testing, the vulnerability would have easily been detected far in advance of the breach occurring.
The incident also points to some deeper issues. More and more companies are now using cloud-based storage solutions, because of the increased speed and scalability that these provide. However, as more companies are involved in maintaining the same system, it becomes difficult to assess the responsibility (and blame) of each one. Instead, each company relies on the other to keep data safe, and blames the other when something goes wrong.
Fortunately, the solution to this is pretty simple: all companies should have in place a robust performance management system.
When you have a robust monitoring system, it provides teams with an overview of what is happening within the data center, be it your AWS cloud account, Azure cloud, or on-premises data center.
In this case, IT system administrators could configure the IT monitoring system to alert on normal versus abnormal thresholds. For example, the hacker in the Capital One scenario downloaded terabytes of data, which means a lot of data transfer activity. In IT terminology, this should have shown up as spikes in the Network In and Network Out metrics. Having proper thresholds on data transfer activity could have alerted the administrators and reduced the impact of the hacker’s actions.
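The threshold idea above, as an added example (not code from the original post or from any monitoring product): a baseline-relative alert on a Network Out style metric that flags sustained egress spikes while ignoring a single short burst. The sample values, the function names and the median-plus-k-times-MAD rule are assumptions chosen for illustration.

```python
from collections import deque
from statistics import median

# Constructed sample: Network Out in MB per 5-minute interval.
# Index 7 is a one-off burst; indexes 10-13 are a sustained bulk transfer.
SAMPLE_NETWORK_OUT_MB = [
    120, 135, 110, 140, 125, 130, 128, 900,
    122, 131, 4200, 5100, 4800, 4950, 127, 133,
]


def upper_bound(baseline, k, floor):
    """Alert bound = median + k * MAD of the trailing 'normal' window.

    MAD (median absolute deviation) is used instead of the standard
    deviation so that one earlier outlier cannot inflate the bound.
    """
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline)
    return med + k * max(mad, floor)


def detect_egress_spikes(samples, window=6, k=8.0, floor=1.0, min_run=2):
    """Return (first_index, last_index, total) for each sustained spike.

    The baseline is learned from the first `window` samples and then only
    updated with samples judged normal, so an ongoing bulk download does
    not gradually become the new 'normal'. A spike is reported only if it
    lasts at least `min_run` consecutive intervals.
    """
    baseline = deque(maxlen=window)
    alerts = []
    run_start = None
    run_total = 0

    for i, value in enumerate(samples):
        if len(baseline) < window:
            baseline.append(value)  # warm-up period: learn normal traffic
            continue

        if value > upper_bound(baseline, k, floor):
            if run_start is None:
                run_start, run_total = i, 0
            run_total += value
            continue

        # Normal sample: close any open run, then extend the baseline.
        if run_start is not None and i - run_start >= min_run:
            alerts.append((run_start, i - 1, run_total))
        run_start = None
        baseline.append(value)

    # A spike still in progress at the end of the data is also reported.
    if run_start is not None and len(samples) - run_start >= min_run:
        alerts.append((run_start, len(samples) - 1, run_total))
    return alerts


if __name__ == "__main__":
    for first, last, total in detect_egress_spikes(SAMPLE_NETWORK_OUT_MB):
        print(f"sustained egress spike: intervals {first}-{last}, {total} MB")
```

Keeping spike samples out of the baseline is the design choice that matters here: a window that absorbs the transfer itself would raise its own threshold and stop alerting partway through.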
Cyber crime is something that all of us need to worry about, whether we’re individuals, eMerchants, or security professionals. Customer databases are especially attractive targets for hackers because they often contain account numbers and personal identification information that fetch a nice bounty when sold on the Dark Web.
However, as networks get more complex, access control and log monitoring are not enough. In the case of Capital One, access was gained by someone with some level of privilege and knowledge of how to get into their customer databases. This means that business owners must be aware of the security protocols that are in place on every system that they use, from cloud storage providers to web hosts, from their email marketing tools to their social media accounts.
That means prevention is not enough.
One of the surest ways to protect your website and reputation is through a system of comprehensive performance monitoring. Through such oversight, you can determine if any area has been infiltrated through a forensic analysis to detect inconsistencies between the log record and physical storage.
Practiced cyber criminals can still bypass log audits by erasing all evidence from the history of SQL queries, but doing so still leaves traces of their presence in the disk storage record and in RAM. Attempting to access the OS to tamper with this log is too risky for all but the most reckless hackers.
Had Capital One put in place quality performance monitoring tools, it’s unlikely that the recent breach would have occurred. Consumers and business owners are disheartened whenever information about a huge hack hits the news. It reinforces fears of identity theft and financial ruin. We worry because if governments and huge corporations can’t protect data, how can individuals and SMBs?
We can’t afford to take data integrity for granted. The first step toward more comprehensive cyber security is knowing where breaches are possible. The second is using available tools and monitoring systems diligently and consistently.
As an IT professional, your job is to ensure continual systems availability and to mitigate risk. Monitoring your IT infrastructure is an essential part of your overall IT strategy, yet many companies either don’t have an effective system in place or are using outdated tools that only provide part of the picture.
The risks associated with not monitoring your system or using outdated tools definitely outweigh the time and costs required to advance your systems measurement resources. Failure to monitor, or using outdated systems, can lead to unnecessary downtime, reduced security and lost profits, and is a major blow to your company’s street cred.
Here are the Top Five Reasons Why IT Performance Monitoring is Critical
No one wants to experience downtime. Your network needs to do more than simply work as expected. It is imperative that it is working at all times. By integrating newer IT performance monitoring tools, you’ll ensure that every aspect of your IT infrastructure is stable and functioning as it should. Alerting functions provide up-to-the-minute information about performance issues that could cost your company hundreds of thousands of dollars in unplanned downtime.
Just turn on the evening news and you’ll hear about hackers, phishing schemes and other malicious attempts to extract customer and credit card data from companies. By incorporating an IT performance monitoring software, you’ll have the protection you need to mitigate the risk of experiencing a “Day at the Breach” by proactively identifying weak points in your security setup. IT performance monitoring tools will automatically alert you to atypical system activity which gives you the power to respond to potential threats and stop the bad guys in their tracks before it’s too late.
It’s easier than ever to manage internal and external expectations with an IT performance monitoring system in place. With just a few clicks of your mouse, you can provide your staff with the tools they need to report on what’s working, and what isn’t. You’ll also be able to ensure that you’re providing a reliable customer experience.
Data visualization turns obscure data into easily understandable visuals and provides a quick way to convey your message. When the data is presented visually, the IT team can more effectively recognize patterns, identify data outliers and analyze data over time. Elements and patterns that were once too obscure to notice on a spreadsheet will pop off the page when delivered in a visual manner. Data visualization also allows members of the c-suite and other decision-makers to quickly identify trends and patterns to understand how one variable affects other areas of the company.
Your company’s brand is at stake. Now we realize that many of you might be saying “branding…schmanding….what does our internal IT infrastructure have to do with my company’s brand anyway?” Well, take our word for it…it does. As more and more customers interact with your brand online, ensuring that your systems are safe, secure and always working is imperative to repeat business and an IT performance monitoring solution is the key element to delivering an exceptional customer experience.
A Bonus 6th Reason IT Performance Monitoring is Essential…
Your Competition is Using IT Performance Monitoring Software to Deliver More Value Internally and Externally
More and more companies are realizing that they can gain a competitive edge by leveraging the data that results from IT performance monitoring. Your competition is implementing IT performance monitoring to easily capture, monitor and visualize data streams to improve quality and reduce the costs of operations to remain competitive.
Successful companies are leveraging the advanced data and analytics to ensure system-wide performance. Whether they seek to improve customer experiences, catch product flaws before repairs or replacements are needed, or increase safety, these systems also provide IT and OT professionals in many industries such as manufacturing, financial services, and telecommunications with previously untapped views into how their businesses operate.
Companies like Sightline Systems are helping customers achieve business transformation with IT performance monitoring. The newest release of Sightline’s award winning platform for managing the continuous streams of time series data has broken new barriers, collecting data in real time millisecond observations. This breakthrough technology is providing users with access to data which was previously unavailable.
Sightline EDM helps users easily capture, monitor and visualize data streams from their IT environments. Older, legacy systems have for many years provided visibility into operations but the data was frequently summarized due to the volume of data produced. The state-of-the-art Sightline EDM software has removed these barriers and can store millisecond level data in real time and preserve the data for future analysis and planning tasks.
For more information about how IT performance can help your company reduce downtime, optimize performance and achieve real results, contact Sightline Systems.
Now that we’ve entered the era of self-driving vehicles and asset sharing (think Uber and Lyft), you might wonder why – or if — trains still exist. Turns out, the old Iron Horse still plays a critical role in our transportation system, carrying between 16% and 18% of our freight. Why? Because trains are nine times more powerful and efficient than trucks, able to carry significantly larger loads in a single haul. Add to that the simplicity of maintaining a single locomotive engine, and you have quite a few reasons to use rail to transport freight.
The same applies to the mainframe in the mobile-first, cloud computing era of information technology. Big Iron is still the most efficient, reliable, and secure way to store large volumes of data and process tremendous numbers of transactions all the while simplifying maintenance.
Mainframes aren’t hip or sexy, but they are still critical to many enterprises that handle businesses with large-scale transactions. As consumers rely more and more on their smart phones to conduct transactions, banks and hospitals rely on mainframes to process these transactions. Not just because they’re secure, but because the modern mainframe combines fast data access with scalable, sub-second transactional capability. Most of us don’t think “mainframe” when we think “mobile banking,” but maybe we should.
From a hardware perspective, today’s mainframes are powerful but not necessarily as large as their old nickname Big Iron implies. Because they continue to be designed for redundancy and resiliency — mainframes almost never go down — they’ve maintained their legendary reliability. As a result, they still shine anywhere computing power, large I/O requirements, and massive transaction processing are required. So, like trains, mainframes aren’t going away.
Consider the data center, full of small, inexpensive computers networked together. Each computer hosts multiple virtual machines that handle resource allocation, and the entire collection is managed and reported on to create a tightly integrated system that looks and functions a lot like a mainframe.
Of course, in the data center, each device must be configured, integrated and managed to ensure the appropriate level of security and performance. System administration costs often exceed the hardware purchase price.
Today, most organizations understand the need to provide familiar interfaces and mobile options to both customers and employees, so mobile and cloud computing are part of their technology roadmap. Industries that require processing power, security, and reliability typically have mainframes on their technology roadmap as well, often in a hybrid cloud model.
Payment processing, trading, and reservation systems all place unusually high demands on IT infrastructure 24x7x365. Industries that rely on these activities process billions of transactions per second, support thousands of concurrent users, and provide millisecond response times. General purpose hardware and operating systems are typically unable to support such demands, so mainframes are a must for many businesses within the travel, finance, banking, and healthcare verticals.
Including mainframes on your technology roadmap doesn’t necessarily mean replacing existing mainframe hardware, but it does typically include modernizing it through a variety of software tools.
Of course, the more complex and diverse your operating environment, the more difficult it becomes to maintain, let alone use to gain insights into your business.
Sightline Enterprise Data Manager (EDM) combines data from countless devices, sensors, servers, and mainframes to create a “single pane” view into the state of your digital health. EDM provides real-time anomaly detection, forecasting, capacity planning, and root cause analysis, enabling you to monitor and control your IT environment. Its highly interactive, visual tools are used to achieve results in minutes, accelerating discovery and investigation within any environment.
EDM, through a variety of Power Agents, is compatible with Unisys ClearPath OS 2200, ClearPath MCP and Stratus VOS systems. Power Agents reside on the host infrastructure, collect and report performance data from all key components of the system, and enable IT teams to monitor the entire system in real time to proactively predict performance issues and prevent unplanned downtime and data loss.
While you might not recognize our name, Sightline Systems has been helping clients maintain their IT infrastructure for over 20 years. We serve blue chip customers in industries as diverse as energy, finance, and telecom as well as manufacturing, retail, and travel.
If you’re struggling to monitor a diverse and growing network of systems, do yourself a favor: let Sightline Systems do the hard work for you.
Sightline Systems announces that its IIoT software, Enterprise Data Management (EDM), has been selected by a major global appliance manufacturer to provide real-time visibility into their manufacturing processes. This new software will be included in manufacturing operations around the world and will provide never before seen real time visibility. Sightline’s IIoT EDM software is planned for the multi-country roll out in Q3 of 2016 and will help the company attain a significant competitive advantage.
The Sightline IIoT EDM solution has already exceeded the expectations of other global manufacturers, providing high speed data collection and analysis of manufacturing processes. Sightline EDM for manufacturing simultaneously monitors multiple PLCs, manufacturing sensors, IIoT devices, storage devices, network devices, peripherals such as cameras and door locks and more all in real time. Millisecond analytics are critical for precision manufacturing and EDM is specifically designed to provide the real-time data manufacturers need to make smarter, more cost effective decisions on the fly.
“This company, which has asked to remain confidential, has found a real competitive advantage from using Sightline Systems’ software to monitor their manufacturing processes in real time,” says Brandon Witte, President and CEO of Sightline Systems. “The advanced EDM tool can analyze massive volumes of data created during the manufacturing process, correlate the data and provide highly sophisticated analytics in real time. The highly advanced processing ability allows engineers to quickly identify issues and make process improvements which can increase quality and reduce costs,” continued Witte.
The Sightline IIoT EDM software is helping manufacturers gain a competitive advantage as the costs to produce goods continue to increase. The Sightline solution is capable of capturing and analyzing millisecond level data which was previously cost prohibitive or technically not possible in manufacturing environments. Sightline’s state of the art yet simple to deploy software leverages commodity class hardware yet can capture and visualize sub second data in real time. Successful companies are leveraging the advanced data and analytics from EDM to ensure system-wide performance. Sightline EDM is used by world-renowned global companies to provide full visibility into IT and OT environments. Its user-friendly dashboards highlight all active alerts and provide a comprehensive history for all mission-critical servers, operating systems, sensor data, monitored applications and more.
Sightline Systems is well known for providing top-level business intelligence and advanced analytics solutions that leverage time series data, predictive analysis, visualization, advanced alerting capability and more in real time to provide its customers with a higher level of insight than any other software company. Customers that implement Sightline’s solutions have noted enhanced efficiency, improved accuracy and increased profitability.
To learn more about Sightline Systems’ IIoT solution for manufacturing, contact Sightline Systems today at (703) 563-3000. EDM solutions are also available for a wide variety of industries.
Sightline Systems is currently seeking an experienced Support Analyst to join our team in Fairfax, VA.
Who we are:
Sightline offers a real-time operations intelligence solution focused on analytics, root-cause analysis and correlation of data from any source — critical IT systems, applications, storage, databases — down to the process level.
Sightline’s powerful analytics go beyond point-in-time data to include over time and real time trend analysis, with abnormal behaviors or events dynamically communicated for appropriate actions.
About the role:
We are looking for a creative, motivated Product Support Analyst to help us grow. The Product Support Team is the primary support interface for customers, resellers, and distributors.
The Analyst will assume ownership of support cases assigned by the Product Support Manager and will follow through until the case has been closed or reassigned to another individual. If a question cannot be immediately answered, the candidate will be expected to use available resource material and/or consult with product experts to advance the resolution of the issue in a timely manner.
What you’ll do:
Our ideal candidate:
Education and experience
Skills and abilities:
What we offer:
Qualified applicants should send a cover letter and resume to firstname.lastname@example.org.
In Linux, calculating available memory is not always straightforward, because Linux treats memory resources differently than other operating systems. As a result, many Linux server monitoring tools do not calculate the true value correctly, because of what Linux is doing with memory resources behind the scenes. A Linux admin might see that they have zero (0) memory resources available when in fact plenty of memory is available.
Linux, by design, uses RAM for disk caching to speed up the system. This means that the Mem % Free metric will consistently be low (maybe 5%), when in actuality, the system is only using 50% of the RAM.
It is possible in Sightline EDM to accurately monitor Linux memory usage and generate alerts when the amount of real memory gets too low, as opposed to when the default Mem % Free metric only appears to be too low.
Currently, this needs to be done using an expression, which lets you build and define your own metrics using currently existing metrics. We will make 2 expressions in order to monitor real Linux memory usage.
By using these expressions, it is possible to create meaningful alerts based on real memory instead of the default Mem % Free across a wide range of Unix systems.
The screenshot below shows the default Linux memory metric, Mem % Free, in the lower blue line hovering around 1% free, in comparison with the expression created for Mem Real pct Free, which shows the upper orange line around 36% free. Although the blue line appears to indicate that the Linux system is out of memory, that memory is actually being used for disk caching, whereas the orange line shows real memory around 36% free, which is a much better metric for creating performance alerts.
The difference can also be seen at the end of the graph, when an application begins using real memory, causing the orange line to dip down to 5%. The blue line does not reflect this change, however, because the system simply decreases the amount of memory available for disk caching and increases the amount of memory available to other applications, which effectively cancel each other out. In this way, it is possible to set up alerts to accurately monitor Linux memory usage in Sightline EDM’s IT Infrastructure monitoring system.
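The two metrics compared above, as an added example that is neither Sightline EDM's expression syntax nor the original post's expressions: it parses `/proc/meminfo` text and computes a Mem % Free style figure next to a real-memory figure. The formula (MemFree + Buffers + Cached over MemTotal) is an assumption, the usual way to count cache as reclaimable, and the sample values and function names are constructed to match the percentages described.

```python
# Constructed /proc/meminfo excerpts (values in kB), not captured output.
SAMPLE_CACHE_HEAVY = """\
MemTotal:       16000000 kB
MemFree:          160000 kB
Buffers:          400000 kB
Cached:          5200000 kB
SwapCached:            0 kB
"""

# Same host after an application has claimed most of the page cache.
SAMPLE_UNDER_PRESSURE = """\
MemTotal:       16000000 kB
MemFree:          160000 kB
Buffers:           40000 kB
Cached:           600000 kB
SwapCached:            0 kB
"""


def parse_meminfo(text):
    """Parse 'Name:   value kB' lines into a {name: kB} dictionary."""
    fields = {}
    for line in text.splitlines():
        name, sep, rest = line.partition(":")
        if not sep:
            continue  # skip blank or malformed lines
        parts = rest.split()
        if parts and parts[0].isdigit():
            fields[name.strip()] = int(parts[0])
    return fields


def mem_pct_free(fields):
    """Naive metric: only pages that are completely unused."""
    return 100.0 * fields["MemFree"] / fields["MemTotal"]


def mem_real_pct_free(fields):
    """Assumed 'real' metric: unused pages plus buffers and page cache,
    which the kernel can hand back to applications on demand."""
    reclaimable = (
        fields["MemFree"] + fields.get("Buffers", 0) + fields.get("Cached", 0)
    )
    return 100.0 * reclaimable / fields["MemTotal"]


def should_alert(fields, min_real_pct_free=10.0):
    """Alert on real memory, not on the naive figure."""
    return mem_real_pct_free(fields) < min_real_pct_free


if __name__ == "__main__":
    samples = [
        ("cache-heavy", SAMPLE_CACHE_HEAVY),
        ("under pressure", SAMPLE_UNDER_PRESSURE),
    ]
    for label, text in samples:
        f = parse_meminfo(text)
        print(
            f"{label}: Mem % Free={mem_pct_free(f):.1f} "
            f"real={mem_real_pct_free(f):.1f} alert={should_alert(f)}"
        )
```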
The Industrial Internet of Things (IIoT) is changing the landscape of the U.S. manufacturing industry. Companies that understand the patterns and trends and position themselves to prepare for the impending advances will most certainly gain a competitive edge in the global marketplace.
Companies no longer have the luxury of being anything but data-driven. Data used to be something to simply maintain and manage, but now it’s a valuable asset that companies use to gain a competitive edge. With change happening so rapidly, how are manufacturers preparing to take advantage of the massive amounts of data that is available and more importantly, how are they using that data to really take advantage of the power that IIoT delivers?
When posing the question of how manufacturing companies are preparing for IIoT, many manufacturing leaders think of IIoT as something far off in the distance, but they don’t really understand the full impact that is coming. Many see it as a fad or something that may only have some effect on the way they handle day-to-day operations in the long run. As we begin to peel back the layers of IIoT, one sees that there is a strong potential for a shift to occur that will change the entire manner in which manufacturing companies operate similar to what the manufacturing industry saw when they were first implementing automation and began using IT and other electronics. As a result, manufacturing leaders are seeking to develop formal and informal IIoT strategies that will position their companies to take advantage of new opportunities to streamline efficiencies, reduce downtime and stimulate profitability sooner rather than later.
If one reviews the history of manufacturing, there are four distinct manufacturing industrial revolutions spanning from the initial mechanical production facilities to mass production to use of electronics and IT to IIoT and systems integration. The fourth industrial revolution, or Industry 4.0, will allow manufacturers to leverage the Industrial Internet of Things (IIoT) to collect vast amounts of sensor and network data, apply advanced analytics and further utilize new technology such as robots and 3-D printing to improve quality and output.
While some progressive manufacturers see where the industry is headed, many are only at the starting gate of the next wave of innovation fueled by IIoT applications and solutions. According to a recent study by Smart Industry, many manufacturers are focused on learning and benchmarking to formulate winning strategies. Many will be using the findings to reduce operational costs, optimize asset utilization, improve worker productivity, enhance workplace safety, enhance the customer experience and create new business models and revenue streams.
The best way for the manufacturing industry to capitalize on IIoT is by gathering more data from sensors and systems and utilizing it to make business-driven decisions. While that may seem as though it is not an easy task, by adding advanced analytics solutions now, manufacturers will most certainly have more “a-ha” moments as they produce insights previously clouded by uncertainty or unattainable due to limited resources and time.
The advanced platforms will enable manufacturers to gather the right data, at the right time which can be leveraged to make well-informed, and most importantly, proactive business decisions. These tools will provide more insight and will enable manufacturers to develop a major engine to identify and create new products, services and profit centers all while simultaneously improving production efficiency, reducing costs, preventing downtime, ensuring quality and enhancing their overall ability to strategically plan business operations.
Data is being collected by sensors, PLCs and more, to the point that some manufacturers are overwhelmed with data and aren’t really sure where to start. With so much data readily available, many manufacturers are wondering how to start implementing IIoT technologies in a thoughtful manner. Many manufacturers are taking a very close look at the data they want to collect and how they will use the information to streamline efficiencies, realize opportunities and produce a sizeable return on investment (ROI).
Manufacturers are concerned by a host of obstacles for adopting IIoT in their companies, with the most notable being cybersecurity. Cybersecurity concerns, lack of overall IIoT knowledge internally, legacy products that do not have obvious IIoT connectivity and lack of senior management support and commitment, just to name a few, are among the most pressing issues that keep manufacturers up at night. In order to wrap their arms around these challenges, proactive manufacturers will need to gain a better understanding of how to leverage advanced analytics. The traditional manufacturing business model is quite reactive and relies on management to be the primary driver of change, production that is driven by a sales forecast, and system improvements if, and only if, it is perceived to be “broken.” As the manufacturing landscape advances due to IIoT, manufacturers must begin to take a more holistic view of the entire company to better understand how one part of the operation affects other parts in order to take advantage of enormous opportunities for improvement and to proactively gain the competitive edge.
As manufacturers begin to take a more holistic approach, many are working with internal teams, suppliers and consultants to decide the most valuable data to collect, what systems require enhancement, how the data will help them realize opportunities as well as how to gauge the full impact of IIoT changes within and outside the company. The two most critical issues are data management and cybersecurity. These areas will be critical challenges for the company to address as they affect future competitiveness.
IIoT is most definitely changing the landscape of the manufacturing industry as we know it. Manufacturers that read the trends, understand data patterns and begin to lay the foundation now to proactively take advantage of the technological advances will be poised to remain viable in the global marketplace throughout the decades to come.