The holidays are a chaotic time for everyone, especially small business owners. Not only are they caring for the needs of their family, they are delivering their customers the excellent service that small business owners pride themselves on.
WannaCry is still fresh in our memory, reminding organizations of how distractive an unpatched vulnerability can be especially if weaponized as a wormable threat that delivers ransomware. BlueKeep has been estimated to have the same disruptive potential as EternalBlue (the exploit responsible for WannaCry) if sporting worm-like behavior, especially since RDP is a commonly used service in organizations, allowing IT and security teams to remotely dial into machines.
Small and medium-sized businesses are still a top target for ransomware attacks, and the number of attacks will most likely increase in 2019, according to a recent survey of MSPs. Over half of MSPs confirmed their clients experienced at least one ransomware attack in the first half of the year, while 35 percent said their clients were attacked more than once a day, regardless of their operating system. In fact, the number of ransomware attacks targeting Apple devices has increased five-fold in the past year, the survey found.
While industry reports claim ransomware attacks have dropped, cybersecurity insurance company Beazley Breach Response (BBR) Services has reported otherwise. According to businesses benefiting from its insurance deals, there has been a surge in the number of reported ransomware attacks, especially in September, when incidents nearly doubled from a month earlier.
As of 2017, a single cyber incident can put a small company out of business, according to new research by Ponemon Institute. The findings confirm Bitdefender’s predictions for 2017 that targeted attacks would increase due to poor security of corporate networks.
More than 1.4 billion data records are estimated to have been compromised in 2016 as a direct result of data breaches, spawning an 86 percent increase compared to 2015, according to a Gemalto’s Breach Level Index. With organizations continuously being targeted by cybercriminals either with sophisticated advanced threats or through infrastructure vulnerabilities, the main driver behind these attacks is often related to financial gains or gratification.
Although insider leaks and attacks continue to multiply, recent research found 58 percent of IT operations and security managers believe their organizations unnecessarily grant access to individuals beyond their roles, with 91 percent predicting the risk of insider threats will grow or stay the same.
Passwords are a perennial problem.
We rely so much on them to secure our company systems, our secrets, our customers’ private information… and yet we typically leave it in the hands of our users to choose their passwords safely.
The internet is a far stranger place than the average user gets to experience. It’s used not only for everyday activities such as looking up recipes and updating Facebook statuses, but also for activities that might land users in jail.
Despite obvious supply chain differences between organizations in different industries, IT architects should consider their generic similarities when integrating various solutions. Quite often, the complexity of the supply chain depends on the entities working together – manufacturers, logistic providers, repackages, retail stores – meaning that security and infrastructures become complex and cumbersome to manage.
