|
Cyber Losses Snowballing Despite an Increase in Cyber Security Spending
The study found losses stemming from cyber security threats had grown almost six-fold, jumping from a median cost of $10,000 to $57,000 per company within the reported period. However, firms also stepped up their cyber security spending by 39% to keep up with the increasing threats. Contrarily, the number of businesses targeted fell from 61% to 39% during the same period. The study analyzed 5,569 companies from both the private and public sectors in the U.S., UK, Germany, France, Belgium, Spain, Ireland, and the Netherlands.
https://www.cpomagazine.com/cyber-security/cyber-losses-snowballing-despite-an-increase-in-cyber-security-spending/
Businesses' ability to contain cyber attacks declines [Registration]
A survey by IBM Security found that the ability of businesses worldwide to contain a cyber attack has declined by 13% over the past five years, The Jerusalem Post reported. Nearly 75% of organizations surveyed reported that their security response plans are either ad-hoc, applied inconsistently, or they have no plans at all.
https://www.businessinsurance.com/article/20200706/STORY/912335461/Businesses-ability-to-contain-cyber-attacks-declines
FBI, CISA Share Mitigation Guidance for Obfuscated Cyberattacks Via Tor
“The use of Tor in this context allows threat actors to remain anonymous, making it difficult for network defenders and authorities to perform system recovery and respond to cyberattacks,” they added. “Organizations that do not take steps to block or monitor Tor traffic are at heightened risk of being targeted and exploited by threat actors hiding their identity and intentions using Tor.”
https://healthitsecurity.com/news/fbi-cisa-share-mitigation-guidance-for-anonymous-cyberattacks-via-tor
#HowTo Neutralize Wide-Area Network Cyber-Threats
To protect the growing volume of data flowing across a WAN in a remote working environment, enterprises also might consider turning to a managed security solution for their remote access network. In doing so, they gain peace of mind knowing a third party is actively monitoring the network, administering enterprise-level security tools and responding to threats as needed.
https://www.infosecurity-magazine.com/opinions/neutralize-wan-threats/
Why Are Real IT Cyber Security Improvements So Hard to Achieve?
However, I suspect that the single largest factor in the lack of improvement to security is that companies that suffer major breaches face few meaningful consequences for them. Organizations that report major security problems might suffer some backlash from consumers, but I’ve yet to hear of a major corporation going out of business because it failed to take IT cyber security seriously. Equifax remains profitable as ever, for example, despite the major breach it suffered.
https://www.itprotoday.com/devops-and-software-development/why-are-real-it-cyber-security-improvements-so-hard-achieve
Under Attack: Cybersecurity, Ransomware Top Concerns for Credit Unions
The report also noted credit unions worry about keeping up with regulatory changes, managing exams and audits, as well as ensuring separation of duties and business continuity in a disaster. To help stay on top of changing regulatory landscape, the report said credit unions should adhere to the FFIEC’s guidelines, which provide compliance expectations in almost a dozen areas, and consider using regtech solutions.
https://www.cutimes.com/2020/07/06/under-attack-cybersecurity-ransomware-top-concern-for-credit-unions/?slreturn=20200606213321
Frequency, size of fines for failing to secure data will grow by 2025, report
Among the 1,000 queried British IT workers in late April, six percent anticipate a dramatic rise in penalties and only three percent of the respondents foresaw their companies paying less in penalties and not be in hot water with regulators, according to a new study from DSA Connect. Five percent admitted their data disposal processes are “poor,” and a fifth of them said they didn’t know whether the information is being handled safely.
https://www.scmagazine.com/home/security-news/frequency-size-of-fines-for-failing-to-secure-data-will-grow-by-2025-report/
US Secret Service reports an increase in hacked managed service providers (MSPs)
[Secret] Service officials said their investigations team (GIOC -- Global Investigations Operations Center) has been seeing an increase in incidents where hackers breach MSP solutions and use them as a springboard into the internal networks of the MSP's customers. Secret Service officials said they've been seeing threat actors use hacked MSPs to carry out attacks against point-of-sale systems, to perform business email compromise (BEC) scams, and to deploy ransomware.
https://www.zdnet.com/article/us-secret-service-reports-an-increase-in-hacked-managed-service-providers-msps/
ICS cyber security is the second coming of the Maginot Line – and the Chinese have breached it
The focus for ICS cyber security has been on the OT networks, assuming all OT cyber threats have to go through the OT Ethernet networks where they could be detected and hopefully blocked. In the WAPA and load tap changer (LTC) cases, the Chinese went around the network cyber security and bypassed the OT cyber security Maginot Line. Without process sensor monitoring, backdoor connections may not be detected.
https://www.controlglobal.com/blogs/unfettered/ics-cyber-security-is-the-second-coming-of-the-maginot-line-and-the-chinese-have-breached-it
UN chief warns COVID-19 provides opportunity for terrorists
"The pandemic has also highlighted vulnerabilities to new and emerging forms of terrorism, such as misuse of digital technology, cyber attacks and bio-terrorism," he said. Josep Borrell, the European Union's top diplomat, told the virtual meeting that a global understanding of the pandemic's implications on counter-terrorism efforts across the world is needed.
https://www.startribune.com/un-chief-warns-covid-19-provides-opportunity-for-terrorists/571651952/
The Cybersecurity 202: Hacking tensions with Iran are surging again after nuclear site fire [Subscription]
Three Iranian officials have anonymously blamed a foreign cyberattack for the fire, which caused significant damage and threatens to slow the nation’s development of advanced centrifuges by months[.] It's not clear if the fire itself was caused by a cyberattack, though some Iranian officials have suggested such attacks could have been launched by the United States or Israel. Regardless, Iran may respond in cyberspace where it faces a comparatively level playing field compared to conventional military conflict.
https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/07/06/the-cybersecurity-202-hacking-tensions-with-iran-are-surging-again-after-nuclear-site-fire/5f0232eb88e0fa7b44f6defd/
EXCLUSIVE: Southcom commander describes Chinese and Russian threats in the Americas
China is also “quietly” doing military-to-military diplomacy in the region, offering to sign agreements and host students. Cash-strapped Latin American nations are also receiving gifts of Chinese military technology, including trucks and small boats. On the economic front, China is aggressively promoting use of its 5G technology, cyber, and security platforms. “They're coming in with packages that allow the surveillance of cities, and then, of course, the downside of that for the city is the back door it provides China with all the intel,” said Faller.
https://www.washingtonexaminer.com/policy/defense-national-security/exclusive-southcom-commander-describes-china-russia-threats-in-the-americas
North Korean hackers linked to web skimming (Magecart) attacks, report says
While many government-backed groups engage in cyber-espionage activities only, North Korea, due to sanctions that are crippling its economy, also uses state hackers to gather funds for its government. Pyongyang's hackers have been linked to cyber-heists at banks all over the globe, have been involved in ATM heists and ATM cash-outs, have orchestrated cryptocurrency scams, and have breached cryptocurrency exchanges. They are also known to regularly buy commodity malware off the underground cybercrime market, and have been recently spotted planning COVID-19 phishing campaigns.
https://www.zdnet.com/article/north-korean-hackers-linked-to-web-skimming-magecart-attacks-report-says/
Cybersecurity Education for Lawyers
Cyber-security issues have continued to be a major concern for lawyers, as cyber-criminals have begun to target lawyers to access client information, including trade secrets, business plans and personal data. [...] That is particularly true where there is outside access to the internal system by third parties, including law firm employees working at other firm offices, at home or when traveling, or clients who have been given access to the firm’s document system.
https://www.law.com/newyorklawjournal/2020/07/06/cybersecurity-education-for-lawyers/
Privacy fears over home security cameras as Wi-Fi signals can be hacked by criminals to tell when people are home or not
They found online traffic generated by the cameras, which are often triggered by motion, could be monitored and used to predict when a house is occupied or not. A lack of traffic throughout a working day could indicate that a homeowner is out, for example, leaving the home vulnerable to a burglary if linked with address data.
https://www.dailymail.co.uk/sciencetech/article-8493921/Wi-Fi-signals-hacked-criminals-tell-people-home-not-experts-warn.html
IRS “cyber crimes unit” to go after dark web crypto tools and other less trackable stuff
“The information collected ‘will allow developers and testers to conduct investigative research’ on privacy-enabled digital assets such as Monero (XMR), Zcash (ZEC), Dash (DASH), Grin (GRIN), Komodo (KMD), Verge (XVG), and Horizon (ZEN); layer-2 solutions on public blockchains such as the Lightning Network (LN) and side chains such as Plasma and OmiseGo,” writes Lujan Odero at Bitcoin Exchange Guide, citing an IRS statement.
https://warriortradingnews.com/2020/07/06/irs-cyber-crimes-unit-to-go-after-dark-web-crypto-tools-and-other-less-trackable-stuff/
Home routers largely unpatched, raising risk during Covid-19 WFH
“Our results are alarming,” the report stated, noting no router is without flaws. “Many routers are affected by hundreds of known vulnerabilities. Even if the routers got recent updates, many of these known vulnerabilities were not fixed. What makes matters even worse is that exploit mitigation techniques are used rarely.
https://www.scmagazine.com/home/security-news/home-routers-largely-unpatched-raising-risk-during-covid-19-wfh/
Admins Urged to Patch Critical F5 Flaw Under Active Attack
Last week, F5 Networks issued urgent patches for the critical remote code-execution flaw (CVE-2020-5902), which has a CVSS score of 10 out of 10. The flaw exists in the configuration interface of the company’s BIG-IP app delivery controllers, which are used for various networking functions, including app-security management and load-balancing. Despite a patch being available, Shodan shows almost 8,500 vulnerable devices are still available on the internet.
https://threatpost.com/patch-critical-f5-flaw-active-attack/157164/
Three UK: We're sending you this SMS to warn you not to pay attention to unsolicited texts
The definitely-not-smishing-honest message was received by Reg reader Chris, and he was not very chuffed with it. He told us: "They send an unsolicited out-of-the-blue SMS which asks you to 'click' (not tap) on a link. When checked out in a sandboxed environment this goes to an insecure http-only page which warns of suspicious text messages and a video telling recipients not to tap on any links. Awesome!"
https://www.theregister.com/2020/07/06/three_uk_sma/
|
