Category Archives: cyberattack

MSPs face increased risks and opportunities to rethink cybersecurity

Managed service providers (MSPs) and their small-and medium-sized business (SMB) customers lack the tools and resources needed to sufficiently defend against rising cyberattacks and threats, according to Continuum. Security shortcomings The report found significant shortcomings in how MSPs offer cybersecurity, emphasizing the need for both MSPs and their SMB customers to reevaluate their cybersecurity strategies and identify effective solutions to bridge the widening IT skills gap. Conducted by Vanson Bourne, the study surveyed 200 MSPs … More

The post MSPs face increased risks and opportunities to rethink cybersecurity appeared first on Help Net Security.

1 in 5 SMBs have fallen victim to a ransomware attack

Ransomware remains the most common cyber threat to SMBs, according to a Datto survey of more than 1,400 MSP decision makers that manage the IT systems for small-to-medium-sized businesses. SMBs are a prime target While it is used against businesses of all sizes, SMBs have become a prime target for attackers. The report uncovered a number of ransomware trends specifically impacting the SMB market: Ransomware attacks are pervasive. The number of ransomware attacks against SMBs … More

The post 1 in 5 SMBs have fallen victim to a ransomware attack appeared first on Help Net Security.

How seriously are businesses taking their PKI security?

While most enterprises demonstrate a committed effort towards maintaining a well-rounded PKI setup, they still fall short in several key categories. The post-Black Hat survey report generated by AppViewX indicated that the primary reason for these shortfalls resided in the fact that most certificate- and PKI-processes were bound by silos, manual workflows, and a lack of synergy between systems. For instance, nearly 50% of the respondents admitted to still relying on passwords to safeguard private … More

The post How seriously are businesses taking their PKI security? appeared first on Help Net Security.

Researchers may have found a way to trace serial IP hijackers

Hijacking IP addresses is an increasingly popular form of cyberattack. This is done for a range of reasons, from sending spam and malware to stealing Bitcoin. It’s estimated that in 2017 alone, routing incidents such as IP hijacks affected more than 10 percent of all the world’s routing domains. Left to right: senior research scientist David Clark, graduate student Cecilia Testart, and postdoc Philipp Richter. Photo by Jason Dorfman, MIT CSAIL. There have been major … More

The post Researchers may have found a way to trace serial IP hijackers appeared first on Help Net Security.

Impact and prevalence of cyberattacks that use stolen hashed administrator credentials

There’s a significant prevalence and impact of cyberattacks that use stolen hashed administrator credentials, also referred to as Pass the Hash (PtH) attacks, within businesses today, according to a survey from One Identity. Among the survey’s most noteworthy findings is that 95% of respondents say that PtH attacks have a direct business impact on their organizations. Conducted by Dimensional Research, the survey of more than 1,000 IT professionals reinforces the crucial need for organizations to … More

The post Impact and prevalence of cyberattacks that use stolen hashed administrator credentials appeared first on Help Net Security.

BEC explodes as attackers exploit email’s identity crisis

850,000 domains worldwide now have DMARC records, a 5x increase since 2016, according to Valimail. However, less than 17% of global DMARC records are at enforcement — meaning fake emails that appear to come from those domains are still arriving in recipients’ inboxes. Among large companies, only one in five enterprise DMARC records is at enforcement, a significant factor in the wild success of business email compromise (BEC) attacks, which has produced more than $26 … More

The post BEC explodes as attackers exploit email’s identity crisis appeared first on Help Net Security.

64% of IT decision makers have reported a breach in their ERP systems in the past 24 months

ERP applications are ‘critical’ to business operations, according to the IDC survey of 430 IT decision makers. ERP-related breach Sixty-four percent of the 191 decision makers surveyed whose organizations rely on SAP or Oracle E-Business Suite confirmed that their deployments have had an ERP-related breach in the last 24 months. “Enterprise Resource Planning (ERP) applications such as Oracle E-Business Suite and SAP (ECC) can be foundational for businesses. A breach of such critical ERP applications … More

The post 64% of IT decision makers have reported a breach in their ERP systems in the past 24 months appeared first on Help Net Security.

Enterprises leaving themselves vulnerable to cyberattacks by failing to prioritize PKI security

IoT is one of the fastest growing trends in technology today, yet enterprises are leaving themselves vulnerable to dangerous cyberattacks by failing to prioritize PKI security, according to new research from nCipher Security. The 2019 Global PKI and IoT Trends Study, conducted by research firm the Ponemon Institute and sponsored by nCipher Security, is based on feedback from more than 1,800 IT security practitioners in 14 countries/regions. The study found that IoT is the fastest-growing … More

The post Enterprises leaving themselves vulnerable to cyberattacks by failing to prioritize PKI security appeared first on Help Net Security.

49% of infosec pros are awake at night worrying about their organization’s cybersecurity

Six in every ten businesses have experienced a breach in either in the last three years. At least a third of infosec professionals (36%) whose employers had not recently been a victim of a cyber attack also believe that it is likely that they are currently facing one without knowing about it. This may be an indicator of a bumper year for breaches, as the total number of organizations reporting breaches in 2018 only came … More

The post 49% of infosec pros are awake at night worrying about their organization’s cybersecurity appeared first on Help Net Security.

Cyber risks are the top concern among businesses of all sizes

Cyber risks are the top concern among businesses of all sizes for the first time since the Travelers Companies’ survey began in 2014. Of the 1,200 business leaders who participated in the survey, 55% said they worry some or a great deal about cyber risks, ahead of medical cost inflation (54%), employee benefit costs (53%), the ability to attract and retain talent (46%) and legal liability (44%). As concerns about cyber threats have grown, a … More

The post Cyber risks are the top concern among businesses of all sizes appeared first on Help Net Security.

Danish company Demant expects to suffer huge losses due to cyber attack

Danish hearing health care company Demant has estimated it will lose between $80 and $95 million due to a recent “cyber-crime” attack. Though the company has yet to share details about the “IT infrastructure incident”, it is widely believed to be the work of ransomware-wielding attackers. What is known? The attack started on September 2 and, apparently, the company quickly decided to shut down IT systems across multiple sites and business units: Still, the reaction … More

The post Danish company Demant expects to suffer huge losses due to cyber attack appeared first on Help Net Security.

Email is an open door for malicious actors looking to exploit businesses

There’s an alarming scale of risks businesses are up against in a time when email is proving an open door for cybercriminals and malicious actors looking to disrupt, exploit and destroy businesses, according to Wire. The report is developed in collaboration with global poker champion and astrophysicist, Liv Boeree. P​oker is a game of making calculated, strategic decisions in high-stakes situations. As such, Liv is able to draw parallels between the poker table and the … More

The post Email is an open door for malicious actors looking to exploit businesses appeared first on Help Net Security.

Older vulnerabilities and those with lower severity scores still being exploited by ransomware

Almost 65% of top vulnerabilities used in enterprise ransomware attacks targeted high-value assets like servers, close to 55% had CVSS v2 scores lower than 8, nearly 35% were old (from 2015 or earlier), and the vulnerabilities used in WannaCry are still being used today, according to RiskSense. The data was gathered from a variety of sources including RiskSense proprietary data, publicly available threat databases, as well as findings from RiskSense threat researchers and penetration testers. … More

The post Older vulnerabilities and those with lower severity scores still being exploited by ransomware appeared first on Help Net Security.

$5 trillion threat of cyber attacks spur investments in solutions, talent and tech

IT & Business Services M&A Market’s disclosed deal value reached a whopping $97 billion in 1H 2019 – the highest total on record for a six-month period, according to Hampleton Partners. There has also been a significant rise in valuations, with overall median disclosed deal amount reaching $43 million in 1H 2019, up from $23 million in 2H 2018. Deal volume lessened, with 370 transactions inked compared to 432 in 2H 2018. However, trailing 30-month … More

The post $5 trillion threat of cyber attacks spur investments in solutions, talent and tech appeared first on Help Net Security.

Researchers analyzed 16.4 billion requests to see how bots affect e-commerce

The sophistication level of bots attacking e-commerce sites is on the rise, with nearly four-fifths (79.2 percent) classified as moderate or sophisticated, up from 75.8 percent in 2018, according to the Imperva report. The report analyzed 16.4 billion requests from 231 domains during the month of July 2019. E-commerce companies suffer from a continual barrage of bad bots that criminals, competitors, resellers and investment companies use to carry out unauthorized price scraping, inventory checking, denial … More

The post Researchers analyzed 16.4 billion requests to see how bots affect e-commerce appeared first on Help Net Security.

Eight great habits that enterprises can practice for bolstering cybersecurity

Estimated reading time: 3 minutes

Efficient cybersecurity is built on the foundation of good habits practised by internal customers. Enterprises may think a great deal about implementing effective cybersecurity practices and have plenty of meetings, but it’s actually not that complicated.

An effective framework is the first step but more importantly, is ensuring effective habit-formulation.

Unfortunately, enterprises are populated by humans who like to take the easier but riskier way out. Whether it’s setting the same password across all accounts, leaving data freely available or using company devices on risky Wi-Fi networks, bad habits can be problematic.

Here are a few tendencies that should be eliminated as soon as possible.

  1. Weak passwords

The problem with weak passwords is an issue that plagues an entire organization, from the top to the bottom. It’s not enough to have a policy about strong passwords – it’s also important to run regular campaigns across the entire organization with real-life case studies to educate employees on the importance of using strong passwords and how to do so.

  1. A lack of a security policy

The lack of a single unified security policy is an extremely bad enterprise security habit. A proper policy keeps all information and strategies in one place, becoming a one-stop repository in case of crises. Without a security policy, it is difficult for enterprises to remain protected.

  1. Taking shortcuts

When enterprises underestimate the damage cyberattacks, the propensity is to run towards shortcuts. This means being reactionary to attacks and not taking cybersecurity seriously by running the most basic of solutions and not investing too much time and energy. This is a recipe for disaster – cybersecurity is an extremely important function of an enterprise today and needs to be taken as seriously as any other function.

  1. Forgetting to have cybersecurity drills

Just like fire safety drills, it’s important to have regular cybersecurity drills. This inculcates preparedness into employees and gives them an idea of what happens during a cyberattack. But many organizations go for months and years without having one. This makes them extremely unprepared in the event of an actual cyber attack.

  1. Delayed patching and updating

Vulnerabilities in different enterprise software are often found every day and patches & updates are released to keep businesses safe from a cyber strike. But organizations can often be guilty of not being up-to-date on patching software for vulnerabilities. Hackers and cybercriminals are aware of this and often use these vulnerabilities to enter systems and cause immense chaos.

  1. Not investing in backup

An enterprise security framework goes a long way in enabling protection and strong solutions can also play a part. But it’s always important to have a fallback plan and that is where backup comes in. By backing up critical data at regular intervals, enterprises can ensure they have something to fall back on, in case of critical situations. However, many enterprises neglect this important step and as a result, put themselves at great risk in the event of unforeseen circumstances.

  1. Underestimating social engineering

Many enterprises can slip into the notion that cybersecurity is purely a technological problem and putting in place, a strong cybersecurity solution can solve all problems. But that is not the case – social engineering is as big an issue as cybersecurity, nowadays. The only way to solve this is to ensure that employees are as well- versed in cybersecurity issues.

  1. The problem with access control

Access control is an issue almost every organization struggles with. They may have the strongest firewalls but it can be sometimes of no use if every user in the organization has access to everything. That makes the company very susceptible to insider breaches. This also means that, if a hacker manages to gain control of a system with access to the network he can break the entire IT infrastructure.

Seqrite’s Unified Threat Management (UTM) provides a one-stop solution for many of the problems identified above. It acts as the first line of defence providing IT security management, a safe working environment, high productivity, regulatory compliance in a cost-effective way.

The post Eight great habits that enterprises can practice for bolstering cybersecurity appeared first on Seqrite Blog.

Phishing attacks up, especially against SaaS and webmail services

Phishing attacks continued to rise into the summer of 2019 with cybercrime gangs’ focus on branded webmail and SaaS providers remaining very keen, according to the APWG report. The report also documents how criminals are increasingly perpetrating business email compromise (BEC) attacks by using gift card cash-out schemes. The number of phishing attacks observed in the second quarter of 2019 eclipsed the number seen in the three quarters before. The total number of phishing sites … More

The post Phishing attacks up, especially against SaaS and webmail services appeared first on Help Net Security.

How Will the CMMC Impact My Business and How Can We Prepare? Part 1 of 3

Part 1: Laying the Groundwork for Achieving Certification In June of this year, my colleague Tom Taylor wrote about the DoD’s announcement to instate the Cyber Security Maturity Model Certification (CMMC) and elaborated on the fact that, with the CMMC, the DoD appears to be addressing our customers’ core compliance pain points: Varying standards – […]… Read More

The post How Will the CMMC Impact My Business and How Can We Prepare? Part 1 of 3 appeared first on The State of Security.

Threat visibility is imperative, but it’s even more essential to act

Cyberthreats are escalating faster than many organizations can identify, block and mitigate them. Visibility into the expanding threat landscape is imperative, but according to a new threat report released by CenturyLink, it is even more essential to act. “As companies focus on digital innovation, they are entering a world of unprecedented threat and risk,” said Mike Benjamin, head of CenturyLink’s threat research and operations division, Black Lotus Labs. “Threats continue to evolve, as do bad … More

The post Threat visibility is imperative, but it’s even more essential to act appeared first on Help Net Security.

Exploitation of IoT devices and Windows SMB attacks continue to escalate

Cybercriminals upped the intensity of IoT and SMB-related attacks in the first half of 2019, according to a new F-Secure report. The report underscores the threats IoT devices face if not properly secured when online, as well as the continued popularity of Eternal Blue and related exploits two years after WannaCry. F-Secure’s honeypots – decoy servers that are set up to lure in attackers for the purpose of collecting information – measured a twelvefold increase … More

The post Exploitation of IoT devices and Windows SMB attacks continue to escalate appeared first on Help Net Security.

Security leaders lack confidence in the supply chain, fear third-party attacks

An overwhelming number of cybersecurity professionals (89%) have expressed concerns about the third-party managed service providers (MSPs) they partner with being hacked, according to new research from the Neustar International Security Council. Survey participants in July 2019 comprise 314 professionals from across six EMEA and US markets. While most organizations reported working with an average of two to three MSPs, less than a quarter (24%) admitted to feeling very confident in the safety barriers they … More

The post Security leaders lack confidence in the supply chain, fear third-party attacks appeared first on Help Net Security.

7 Questions to Ask Your Child’s School About Cybersecurity Protocols

Just a few weeks into the new school year and, already, reports of malicious cyberattacks in schools have hit the headlines. While you’ve made digital security strides in your home, what concerns if any should you have about your child’s data being compromised at school?

There’s a long and short answer to that question. The short answer is don’t lose sleep (it’s out of your control) but get clarity and peace of mind by asking your school officials the right questions. 

The long answer is that cybercriminals have schools in their digital crosshairs. According to a recent report in The Hill, school districts are becoming top targets of malicious attacks, and government entities are scrambling to fight back. These attacks are costing school districts (taxpayers) serious dollars and costing kids (and parents) their privacy.


Prime Targets

According to one report, a U.S. school district becomes the victim of cyberattack as often as every three days. The reason for this is that cybercriminals want clean data to exploit for dozens of nefarious purposes. The best place to harvest pure data is schools where social security numbers are usually unblemished and go unchecked for years. At the same time, student data can be collected and sold on the dark web. Data at risk include vaccination records, birthdates, addresses, phone numbers, and contacts used for identity theft. 

Top three cyberthreats

The top three threats against schools are data breaches, phishing scams, and ransomware. Data breaches can happen through phishing scams and malware attacks that could include malicious email links or fake accounts posing as acquaintances. In a ransomware attack, a hacker locks down a school’s digital network and holds data for a ransom. 

Over the past month, hackers have hit K-12 schools in New Jersey, New York, Wisconsin, Virginia, Oklahoma, Connecticut, and Louisiana. Universities are also targeted.

In the schools impacted, criminals were able to find loopholes in their security protocols. A loophole can be an unprotected device, a printer, or a malicious email link opened by a new employee. It can even be a calculated scam like the Virginia school duped into paying a fraudulent vendor $600,000 for a football field. The cybercrime scenarios are endless. 

7 key questions to ask

  1. Does the school have a data security and privacy policy in place as well as cyberattack response plan?
  2. Does the school have a system to educate staff, parents, and students about potential risks and safety protocols? 
  3. Does the school have a data protection officer on staff responsible for implementing security and privacy policies?
  4. Does the school have reputable third-party vendors to ensure the proper technology is in place to secure staff and student data?
  5. Are data security and student privacy a fundamental part of onboarding new school employees?
  6. Does the school create backups of valuable information and store them separately from the central server to protect against ransomware attacks?
  7. Does the school have any new technology initiatives planned? If so, how will it address student data protection?

The majority of schools are far from negligent. Leaders know the risks, and many have put recognized cybersecurity frameworks in place. Also, schools have the pressing challenge of 1) providing a technology-driven education to students while at the same time, 2) protecting student/staff privacy and 3) finding funds to address the escalating risk.

Families can add a layer of protection to a child’s data while at school by making sure devices are protected in a Bring Your Own Device (BYOD) setting. Cybersecurity is a shared responsibility. While schools work hard to implement safeguards, be sure you are taking responsibility in your digital life and equipping your kids to do the same. 

 

The post 7 Questions to Ask Your Child’s School About Cybersecurity Protocols appeared first on McAfee Blogs.