Wave Systems Corp. (fka WAVXQ)

[Genz2]

South Korea reckons mystery hackers cracked open advanced weapons servers

https://www.theregister.co.uk/2019/01/17/south_korea_defense_ministryt_hacked/

No idea who could have been behind this one...

The South Korea Ministry of National Defense says 10 of its internal PCs have been compromised by xxxxx xxxxx unknown hackers.

Korea's Dong-A Ilbo reports that the targeted machines belonged to the ministry's Defense Acquisition Program Administration, the office in charge of military procurement.

The report notes that the breached machines would have held information on purchases for things such as "next-generation fighter jets," though the Administration noted that no confidential information was accessed by xxxxx xxxxx the yet-to-be identified infiltrators.

xxxxx xxxxx The mystery hackers got into the machines on October 4 of last year. Initially trying to break into 30 machines, the intruders only managed to compromise 10 of their targets.

After traversing the networks for more than three weeks the intrusion was spotted on October 26 by the National Intelligence Service, who noticed unusual activity on the procurement agency's intellectual property servers.

An investigation eventually unearthed the breach, and concluded that xxxxx xxxxx the mystery hackers did get into a number of machines but didn't steal anything that would be of use to xxxxx xxxxx a hostile government .

The incident was disclosed earlier this week in a report from a South Korean politician.

"It is dubious whether the agency issued a conclusion to conceal damage and minimize the scope of penetration," Dong-A Ilbo quotes Lthe politico as saying.

"Further investigation to find out if the source of attacks is North Korea or any other party."

The report notes that the attack on the Defense Acquisition Program Administration appears to be part of a larger effort by xxxxx xxxxx an unknown group to infiltrate networks throughout the South Korean government in order to steal data.

The government says it is working on "extra countermeasures" to prevent future attacks by xxxxx xxxxx mystery foreign groups. ®
================================================================
In this situation Self Encypting Drives (managed by Wave) and Wave ERAS could have prevented a potential disaster. Is letting unknown devices (bad guys) roam the network for more than three weeks or at all a good idea? Wave has a better plan and is illustrated in the highlighted summary below. Frustrated hackers will move on to easier targets. imo.
=================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Secure device & user authentication

Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.

Here’s how it works:

Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication

Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.

Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

Token-free, password-free user authentication

We know you’ve dreamt about shredding your list of passwords. Go on and do it.

Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.

Decrease expenses with virtual smart cards

You know what else happens when you take passwords out of the equation? A lot fewer calls to IT. Imagine if you took password resets out of the picture – that frees up a chunk of IT time, lowering your operating expenses significantly.

If your organization currently uses traditional tokens or smart cards, switching to virtual smart cards takes an even bigger burden off of IT – we use the hardware-protected credentials in the TPM to create a virtual smart card, which performs the same functionality as traditional smart cards. That means no need to purchase, deploy, replace or maintain external tokens, smart cards or smart card readers. Because virtual smart cards are already on your machines and can’t be forgotten, lost or stolen, you have lower capital expenses and lower operating expenses.

Wave's is the only management to support virtual smart cards on Windows 7, as well as Windows 8 and 8.1.

Key Features are at the link-
================================================================
https://www.wavesys.com/products/wave-virtual-smart-card

https://www.wavesys.com/products/wave-self-encrypting-drive-management