The lack of political leadership to face targeted attacks is contributing to the poor job the UK is doing on its national security strategy, says a UK government report discussing the cyber security of the nation’s critical national infrastructure.
EU data protection legislation aims to give users more control over their personal data, and threatens companies with fines for collecting data without user consent and for data breaches. Countless companies have been struggling to become GDPR compliant, but it seems major tech players may not have taken it seriously. After Facebook and Google drew criticism for violating EU’s data protection law, it is now Microsoft’s turn to take the heat.
Small and medium-sized businesses are still a top target for ransomware attacks, and the number of attacks will most likely increase in 2019, according to a recent survey of MSPs. Over half of MSPs confirmed their clients experienced at least one ransomware attack in the first half of the year, while 35 percent said their clients were attacked more than once a day, regardless of their operating system. In fact, the number of ransomware attacks targeting Apple devices has increased five-fold in the past year, the survey found.
While industry reports claim ransomware attacks have dropped, cybersecurity insurance company Beazley Breach Response (BBR) Services has reported otherwise. According to businesses benefiting from its insurance deals, there has been a surge in the number of reported ransomware attacks, especially in September, when incidents nearly doubled from a month earlier.
Artificial intelligence and machine learning are extensively used in cyber defense, but what happens if they backfire and hackers use these technologies for crime? As they concentrate on the capabilities and benefits it can bring to everyday lives, companies have not really focused on how cybercriminals can use AI to create even more advanced and sophisticated threats.
Even though technology budgets have increased, companies are still vulnerable to attacks due to a major cybersecurity workforce gap. For some reason, the gap has widened to a staggering 3 million across North America, Latin America, Asia-Pacific (APAC), and Europe, the Middle East and Africa (EMEA), according to a study by (ISC)2. To reach this conclusion, a number of factors were analyzed, including how many organizations have cybersecurity roles open.
Anthem, the second-largest health insurer in the US, will pay $16 million to the US Department of Health and Human Services, Office for Civil Rights following a data breach that exposed the electronic protected health information (ePHI) of almost 80 million people. Anthem will also initiate a corrective action plan to include thorough risk analysis and regular reporting.
The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
.jpg)
The healthcare industry is among the top targets of cyberattacks, especially since the internet of things found its way into the industry and completely revolutionized it. After healthcare’s share of ransomware attacks in 2017, and a great deal of data theft, phishing and more ransomware in 2018, cybercriminals gradually switched methods, tapping into the cryptojacking space.
Insider threats are nothing to joke about -- they are a real danger to companies worldwide, who often neglect them. In fact, they rank among the top six threats of 2018, according to statistics. A company will spend at least $8 million yearly on insider threats, the Ponemon Institute has found.
As many as 93 percent of companies in the Forbes Global 2000 list don’t include a vulnerability disclosure policy among top business concerns, according to HackerOne’s The Hacker-Powered Security Report 2018, a deep dive into bug bounty and vulnerability disclosure in the financial services and insurance industries.
