Business and Technology News

Protegrity, a global leader in data security, announced the appointment of Paul Mountford as the company’s new CEO. Mountford joins Protegrity following a successful 30-year career in the technology industry, having held senior executive positions at industry-leading companies such as Cisco Systems, where Mountford ran Cisco’s $34 billion Enterprise business, and Riverbed Technology where Mountford was CEO. Most recently, Mountford served as chief operating officer at Pure Storage, one of the fastest growing enterprise IT companies that provides storage solutions for SaaS and cloud companies to power mission-critical artificial intelligence, machine learning, and analytics in multi cloud environments.      

Armis released data showing the increased security risk faced by healthcare organizations and patients as an increase in connected devices creates an expanded attack surface, putting the patient journey at risk. 85% of IT professional respondents agreed they have seen increased cyber risk over the past 12 months. Ransomware alone has hit organizations hard, with 58% of IT pros in healthcare stating that their organization has been hit with ransomware. The data also shows that while patients are concerned about security, and acknowledge the impact that an attack could have on their care – there is a shocking unawareness about recent cyberattacks.

Ransomware operators will stoop to any tactic necessary to try to force their victims to acquiesce to the ransom demands. One popular tactic is double extortion in which the attackers threaten to publish the stolen data unless the ransom is paid. Now some criminal gangs have devised a twist on that type of ploy. In a new report published Monday, the FBI warns of attacks in which ransomware groups will leak sensitive information that could impact a company's stock price if the ransom goes unpaid. Before launching an actual attack, ransomware operators will research the intended victim to find public and nonpublic information that they can leverage.

Most workers are using business email platforms for personal affairs, potentially putting the company at a significantly higher risk of data breaches and other cybersecurity-related incidents. This is according to a new report from SailPoint Technologies, which when surveying 500 US employees on their behavior surrounding business email accounts, found that 59% use it for personal functions. Two activities particularly stood out to the researchers – using business email to log into social media accounts, and using it to create e-commerce accounts. These two things are highly problematic, SailPoint says, as social media sites are often under attack. And should a breach occur, these email addresses could be compromised and sold on the black market

The Toronto Transit Commission (TTC) – which runs the city's public transportation system – reported a ransomware attack this weekend that forced conductors to use radio, crippled the organization's email system and made schedule information on platforms and apps unavailable. The TTC said it confirmed it was the victim of a ransomware attack after its IT staff "detected unusual network activity and began investigating." Impacted services include the TTC's Vision system, which is used for operators to communicate with Transit Control. Next vehicle information on platform screens, through trip-planning apps and on the TTC website, were unavailable and online wheel trans bookings were also unavailable

London-based diamond specialist Graff has reportedly been hit by a ransomware attack, prompting an investigation from the Information Commissioner's Office. The attack is believed to have been carried out by Conti, an infamous Russia-based ransomware group that has also been blamed for a recent uptick in attacks across the US. A total of 69,000 documents have been leaked on the dark web already, a number which represents just 1% of the total files Conti has stolen, the hacking group claimed. The list of victims includes high-profile names such as ex-footballers David Beckham and Frank Lampard, former president Donald Trump, actors Tom Hanks and Samuel L Jackson, and disgraced businessman Sir Philip Green, according to the Mail on Sunday, which first reported the story.

According to the story by Android Central, the company formerly known as Facebook is currently going to be known as Meta. The publication said that they have heard a lot regarding the promising future of the all-new Metaverse coming from the company. One area, in particular, was said to be noticeably glossed over which is privacy and security. It was stated that the rest of social media is actually filled with people noting how they want to delete their Facebook account and proceed to quit altogether. It was stated that by having policies that plainly allow third parties to be able to collect data about users and their friends while ignoring content that would be harmful to children and teens, Facebook has actually shown that it is actually capable of a number of bad things.

Mozilla has become the latest browser to test the waters in incorporating the Global Privacy Control in Firefox, calling itself "the first major web browser" to do so. The GPC – required under the California Consumer Protection Act and Europe's Global Data Protection Regulation – tells websites not to sell or share your personal data. Mozilla said the GPC is a prerelease feature available for experimental use in Firefox Nightly. A Mozilla spokesperson said they were excited to see GPC getting traction both in California and Colorado. Now that they expect sites to start honoring it, they want to start getting experience with it in the field.

According to NordLocker, there are now thousands of ransomware attacks per day, which has cost businesses an estimated $20 billion overall. And since the most successful attacks are never publicly disclosed, these figures could be on the low end. Recent attacks include Sinclair Broadcast Group, Colonial Pipeline, and multiple municipal water systems. NordLocker found that internet companies and online services are hardly the top targets. Instead, the data shows that construction companies have been hit the hardest with 93 affected companies from the industry. This is closely followed by 86 manufacturing companies.

ENISNA, the European Union Agency for Cybersecurity, has released the latest edition of the ENISA Threat Landscape report, which analyzes cyber criminal activity between April 2020 and July 2021. It warns of a surge in cyber criminality, much of it driven by the monetization of ransomware attacks. Although the paper warns that many different cybersecurity threats are on the rise, ransomware represents the 'prime threat' faced by organizations today, with a 150 percent rise in ransomware attacks during the reporting period. And there are fears that despite the problem of ransomware attracting the attention of world leaders, the problem will get worse before it gets better.

New research from cloud encryption specialist NordLocker looks at which industries are the most popular targets for ransomware, analyzing 1,200 companies hit by 10 infamous ransomware gangs in 2020 and 2021. Perhaps surprisingly the construction sector tops the list with 93 attacks, followed by manufacturing on 86, finance on 69, healthcare on 65, and with education rounding out the top five on 63. Among the hacked companies discovered by NordLocker's research, are not only large organizations, such as a global hotel chain, an automotive conglomerate, or a world-wide clothing brand, but also small family-owned and operated businesses like an Italian restaurant or a local dental clinic.

Digital transformation programs could be vulnerable to cyber attacks due to increased risk tolerances and ongoing cybersecurity challenges, according to a global research of 500 cybersecurity decision makers by NCC Group. Seventy-six percent admitted that they had increased their risk tolerances to allow changes to their operating model (such as remote working) during the pandemic. The research suggests that this ongoing cyber debt has negatively affected organizations’ security postures: forty-five per cent said that their transformation projects had inherited legacy security issues, with just thirty per cent integrating cybersecurity into those programs.

Despite organizations investing heavily in security tools, they remain unconfident, and increasingly worried, about their ability to prevent data exfiltration according to a new report from on-device data privacy, security and ransomware prevention firm BlackFog. The company found that data exfiltration became significantly more important, compared to just a year ago. The bigger the organization, the higher the importance of data exfiltration prevention. Large organizations indicated the highest initial, current, and forecasted levels of importance for preventing data exfiltration. Only two in five are very confident in their organization’s ability to prevent criminals from harvesting data from their networks. To tackle the issue, BlackFog suggests a new approach – anti data exfiltration.

Businesses in industrial goods and services are still the most popular target for ransomware attacks, but cyber criminals are increasingly diversifying which organizations they're extorting. In a significant number of cases, the victim will give in to the demands and pay the ransom. This might be because they don't have back-ups, because the criminals threaten to leak stolen data if they're not paid, or simply because the victim perceives paying the ransom to be the quickest means of restoring the network. Yet in reality, even with the correct decryption key, services can remain disrupted for a long time after the event.

Employees don’t know when to contact the IT department for help and when to solve an issue themselves. Even when they do reach out, they find support is difficult to come by, new research suggests. According to a report from security training firm KnowBe4, based on a poll of more than 320,000 people worldwide, almost a third (30 percent) find it difficult to get IT help and support at work. The report also states that the lack of proper cybersecurity training leaves some employees not knowing when to reach out to IT for support, and others overconfident in their cybersecurity skills.

Ransomware is a major cybersecurity threat to organizations around the world, but it's possible to reduce the impact of an attack if you have a thorough understanding of your own network and the correct protections are in place. While the best form of defense is to stop ransomware infiltrating the network in the first place, thinking about how the network is put together can help slow down or stop the spread of an attack, even if the intruders have successfully breached the perimeter. One of the best ways to do this is to segment the network, so different parts of the organization are separated from one another. If cyber criminals do get into the network, it's much harder for them to move about and compromise other systems.

Gartner analysts released their list of cybersecurity and privacy predictions for the next few years. The predictions ranged from potential legislation to how the market for certain technologies will change from now until 2025. Gartner analysts predicted weaponized OT environments will result in human casualties by 2025 due to malware that they believe will spread at "wirespeeds." The analysts say by that time, cybercriminals will shift from business disruption to physical harm, leading to regulations placing liability on CEOs. For 2023, Gartner expects 75% of the world to be covered under some kind of privacy law with built-in subject rights requests and consent. The key, they said, will be whether privacy management programs can be automated.

Microsoft has made available Privacy Management for Microsoft 365, a new AI-based solution to help enterprises manage data privacy risks and build a privacy resilient workplace, as well as automate the response to subject rights requests at scale. Privacy Management is built-into the Microsoft 365 compliance center and is currently available as an add-on. The solution is aimed to protect the company against privacy risks such as data hoarding, data transfers, and data oversharing, and to teach employees that work with personal data to make smart decisions when it comes to handling it.

The 2021 State Of Ransomware Report from SpyCloud found that 72% of surveyed organizations were affected by ransomware in the past 12 month; 13% were affected 6-10 times and 5% were affected more than 10 times. The survey found that the majority of organizations that were questioned lack the most basic forms of prevention. Despite seeing compromised credentials as a high risk for ransomware attacks, most organizations lack even the simplest practices for shoring up passwords and authentication. 81% considered their security to be above average or exceptional, but 41% didn’t have password complexity requirements, and only 55.6% have implemented multi-factor authentication.

The threat of cybercrime is growing increasingly severe, forcing organizations to prioritize the “zero trust” approach, a new report from cybersecurity firm Ericom suggests. Surveying some 1,300 security and risk professionals for the report, Ericom found that four in five (80 percent) plan to implement zero trust security in the next twelve months. More than half (56 percent), meanwhile, plan to deploy the zero trust within six months. A higher level of security is the obvious motivator for business leaders, but 83 percent also said it’s a strategic decision, especially in light of the US Department of Defense's decision to mandate zero trust.

The cybersecurity of industrial control systems (ICS) is in an “abysmal” state, a new report from CloudSEK has warned. The company scanned the web for vulnerable ICSs and found “hundreds” of vulnerable endpoints, the report explained. Often, these devices had weak passwords or were still configured to factory settings. In some instances, they contained unpatched and outdated software, carrying known and exploitable bugs, while the access credentials and source code for others had been leaked online. According to the report, being able to find exploitable vulnerabilities online doesn’t mean much for powerful nation-state actors, who have the necessary resources anyway. However, “other threat actors” can benefit from this data greatly.

Apricorn announced the findings from a Twitter poll exploring data backup and recovery processes. More than 50 percent of respondents noted that they, or their employees, have experienced a loss of data as a result of not backing up, or a failed backup. Despite this, more than 60 percent of respondents stated that they are not required to play a role in backing up company data. This is particularly concerning given the troves of data now moving beyond the boundaries of the corporate network, as more businesses adopt home working scenarios. Respondents recognize backups as a central IT function but are clearly not sanctioned to take personal action, whether that be through tech, policy or processes.

Ransomware extracted at least $590 million for the miscreants who create and distribute it in the first half of 2021 alone – more than the $416 million tracked in all of 2020, according to the US government’s Financial Crimes Enforcement Network (FinCEN). Total ransomware-related financial activity may have reached $5.2 billion. The $590 million figure is contained in a Financial Trend Analysis report [PDF] by the agency, and reflects transactions identified in financial institutions' Suspicious Activity Reports (SARs). FinCEN's analysis of visible blockchain activity yielded the $5.2 billion figure. Plenty of the transactions observed showed signs of attempted money laundering. Ransomware-slingers are aware that using Anonymity-Enhanced Cryptocurrencies (AECs) and other anonymising services is necessary to cover their slimy trails.

Human hacking – phishing attacks across all digital channels – has dramatically increased in 2021. SlashNext released its first report showing a 51% increase in attacks compared to 2020, and increasingly these attacks are happening outside of email. Apps and browsers are used as humans connect with work, family, and friends. Cybercriminals are taking advantage of this by attacking outside of email and taking advantage of less protected channels like SMS text, social media, gaming, collaboration tools, and search apps. Of the more than 14 million malicious URLs identified to date in 2021, 51% were credential stealing attempts.

Facebook's WhatsApp began a global rollout of end-to-end (E2E) encryption for message backups, which offers Android and iOS users with the ability to protect WhatsApp messages stored in Google Drive and Apple iCloud. WhatsApp claims no other similarly large global messaging service provides E2E encryption for users' stored communications and media – WhatsApp has more than 2 billion users and in some regions serves as the de facto communications platform. While encryption isn't sufficient on its own to guarantee security, its availability for WhatsApp backups closes a gap in the communications chain. Most significantly, WhatsApp is allowing users to manage their own encryption key.

Cyber criminals are distributing a new form of ransomware in attacks against victims in which they not only encrypt the network, but also make threats to launch distributed denial of service (DDoS) attacks and to harass employees and business partners if a ransom isn't paid. Dubbed Yanluowang, the ransomware was uncovered by cybersecurity researchers in Broadcom Software's Symantec Threat Hunter team while they were investigating an attempted cyberattack against an undisclosed large organization. While the attempted attack wasn't successful, the investigation revealed a new form of ransomware. It also provided insight into how some cyber criminals are attempting to make attacks more effective – in this case, with the threat of additional attacks.

Researchers with Barracuda Networks analyzed exploitation activity around Atlassian's Confluence and Microsoft's Azure Open Management Infrastructure (OMI), both of which contained remote code execution (RCE) vulnerabilities and were being targeted in the wild by criminal hackers in recent weeks. Barracuda estimated that more than 500 different IP addresses were launching automated exploits against the two service vulnerabilities. Successful exploitation enables remote control of a vulnerable system. By not properly checking authorization header data, an attacker can sneak commands into an HTTPS request and get total control over a vulnerable machine.

On average, enterprises have 29 security monitoring tools in place, complicating security operations center efforts to prioritize alerts and manage cyber risk effectively. Those defending organizations with more than 10,000 employees typically have around 46 such tools, many of which go unused, underused, or otherwise forgotten. That’s according to a new survey from Trend Micro released today, which found that tool sprawl is increasingly common in incident detection and response, which can lead to high associated costs.

Some 93% of global organizations have suffered a direct breach due to weaknesses in their supply chains over the past year, according to BlueVoyant. The cybersecurity services company polled 1200 IT and procurement leaders responsible for supply chain and cyber-risk management from global companies with 1,000+ employees to compile its report. It revealed the average number of breaches experienced in the past 12 months grew from 2.7 in 2020 to 3.7 in 2021 – a 37% year-on-year increase. Although the percentage of companies that don’t consider third-party risk a priority has fallen from 31% last year to 13% in 2021, the number who admit they have no way of knowing if an incident has occurred in their supply chain rose from 31% to 38%. While 91% of respondents said budgets were increasing this year to help tackle the risk, investments don’t seem to be making an impact.

Criminals can spend weeks in the network before triggering a ransomware attack – and even if protections designed to prevent them from entering the network have failed, this delay can provide an opportunity for preventing a full-blown ransomware attack. The US Department of Commerce's National Institute of Standards and Technology cybersecurity framework lists Identify, Protect, Detect, Respond and Recover as the five functions of securing networks. But many organizations are still attempting to rely on the 'protect' aspect as the main line of defence, without a clear strategy, if they have one at all, on how to detect and respond to threats which bypass protections. The way attacks work means it's still possible to cut them off and prevent a ransomware incident.

The latest Verizon phishing scam was reportedly affecting many subscribers through a malicious text message. The attack was similar to what T-Mobile customers experienced previously. At that time, there were 48 million users that suffered from the data breach. According to the victims, there is a particular phone number that people should avoid. There's a possibility that the unsolicited texts from an unknown sender could retrieve users' data without their permission. On Saturday, Oct. 9, Verizon subscribers started to receive malicious messages from unidentified senders. The phishing scam involves sending texts to a recipient through a suspicious phone number.

Cyberattacks that exploit suppliers and partners to access a company's data are now more costly than ever, a new report from security firm Kaspersky suggests. According to the paper, the average financial impact of a supply chain attack against an enterprise reached $1.4 million this year, making it the most expensive type of incident. Over the past year, almost a third (28 percent) of European enterprises have suffered this type of attack. The volume hasn’t changed “significantly” compared to last year’s report (29 percent), but the financial impact has. The average financial impact across all types of cyberattack rose by almost a third (31 percent) year on year, hitting $1.1 million.

According to a survey of more than 820 organisations by Hornetsecurity, only a third (35.8%) of businesses have insurance cover for ransomware attacks, despite it being one of the most common forms of cyber threat. The findings show that one in five (21.1%) had fallen victim to a ransomware attack, while almost one in 10 (9.2%) were forced to pay the ransom to recover data after an attack. This comes just weeks after a Unit 42 report found that ransomware payments had increased 82% since 2020 to a record $570,000 in the first half of 2021. Hornetsecurity's report also revealed that of those reporting ransomware, just under 12% of respondents were able to recover data through backups, although some data was still lost during this process.

Remote working has increased the likelihood of major cybersecurity incidents for many organizations. This is according to a new report from data center company ServerChoice, which states that plenty of infrastructure went unmonitored during the pandemic. The delay in maintenance and disaster response presents “an ideal opportunity for cybercriminals” to exploit vulnerabilities, the company said. Based on a poll of 1,000 business leaders at small and medium-sized enterprises, ServerChoice found that 77 percent see remote working as an increased risk to their business. For two-thirds (66 percent), it’s harder to monitor network infrastructure, while a quarter (25 percent) willingly left infrastructure unmonitored.

Victims of ransomware attacks who choose to pay a ransom to cyber criminals for the decryption key could have to publicly disclose that a payment was made within 48 hours of doing so. The Ransom Disclosure Act proposed by US Senator Elizabeth Warren and Representative Deborah Ross would require organizations which fall victim to ransomware attacks and pay the ransom to detail information about the payment. Information about ransom payments which would have to be disclosed include the amount of ransom demanded and paid, the type of currency used to pay the ransom – commonly paid in Bitcoin – and any known information about the attackers demanding the ransom.

McAfee Enterprise has released its Advanced Threat Research Report: October 2021, examining cybercriminal activity related to ransomware and cloud threats in the second quarter of 2021. McAfee Enterprises global threat network identified a surge in DarkSide attacks from the group upon legal services, wholesale, and manufacturing targets in the United States. Equally concerning to DarkSide's activity were other ransomware groups operating similar affiliate models, including Ryuk, REvil, Babuk, and Cuba. They deployed business models supporting others' involvement to exploit common entry vectors and similar looks to move within an environment. In fact, REvil/Sodinokibi topped our ransomware detections in Q2 of 2021, accounting for 73% of our top-10 ransomware detections.

Faster decision making, credit card transactions instead of negotiated contracts, and the near-ubiquitous use of peer review sites are all part of the new normal in enterprise software purchasing, which increasingly resembles B2C buying behavior, a G2 study reveals. The survey found that 55% of buyers need less than 3 months to make a decision on a software purchase of $20,000 or more. And 85% of all decisions are made in under six months, a sign of accelerated technology adoption, shorter buying cycles, and a shift away from traditional resources. Companies are making software decisions more quickly than before by doing their own research.

Of all the different industries, businesses in manufacturing and production are the least likely to succumb to the demands of ransomware operators, a new report from cybersecurity company Sophos suggests. Surveying 5,400 people in IT leadership roles, including 438 in manufacturing and production, Sophos found that less than one five (19 percent) manufacturing firms would pay the ransom demand. At the same time, they were most likely (68 percent) to restore data from backups. In total, more than a third (36 percent) of businesses surveyed were attacked with ransomware last year, with 9 percent of victims hit with extortion-based attacks (up from a global average of seven percent).

The potential for cloud technologies to break down silos and enable more contextualized views of data is having a dramatic impact on enterprise investment priorities for operations. When asked to identify investment priorities for operations over the next five years, organizations ranked cloud highest, followed by wireless connectivity and artificial intelligence and machine learning, according to a recent Future of Operations survey from IDC. IDC survey data reveals that fewer than 20% of organizations have put more than 50% of their operational data in the cloud. While many organizations cite AI and ML as an important future technology investment area, most survey respondents indicated that they have no plans to use AI to analyze operational data in the next several years.

Nozomi Networks and the SANS Institute released a survey showing companies are investing more in industrial control system (ICS) cybersecurity to match the increasingly elaborate cyber threat landscape. The 2021 SANS ICS/OT survey got 480 responses, with 47% reporting that their ICS security budgets have increased over the past two years. Nearly 50% of respondents said they did not know if their organizations had suffered from a cybersecurity incident while just 15% admitted that they had one in the last 12 months. Of those who did say they dealt with cybersecurity incidents, more than half said they were able to detect compromise between 6-24 hours. Thirty percent were able to detect compromise in under six hours.

Egnyte’s latest report, based on a survey of 400 IT executives, examines the challenges of securing and governing unstructured content in today’s hybrid and remote work environments. A key finding of the research is that unchecked data growth, combined with a lack of visibility, is increasing the risk of breaches, ransomware, and compliance violations dramatically. 52% of companies use more than ten sanctioned file storage repositories, and 40% report unsanctioned cloud storage in use across the organization, as well as rampant use of informal repositories like email, Slack, and DocuSign. With companies continuing to see their data expand, six major trends emerged in the 2021 Data Governance Trends report, which are covered in this article.

Thousands of bookstores in Europe have been affected by a ransomware attack that targeted a leading software supplier. The ransomware attack targeted TiteLive, a French company that offers cloud-based software for book sales and inventory management. Bookstores affected by the ransomware attack included Libris, Aquarius, Malperthuis, Donner and Atheneum Boekhandels, The Record reported today. The form of ransomware used in the attack that targeted the company has not been disclosed. A ransom payment was demanded and the encryption, which targeted Windows servers run by TiteLive, forced the company’s products offline.

More than two-thirds of organizations have been the target of at least one ransomware attack in the last year, according to a new survey. Ransomware attacks grew 1,070% year-over-year, according to a recent FortiGuard Labs Global Threat Landscape report. A survey of 450 business leaders from small, mid, and large-sized organizations worldwide also found 49% of respondents indicated they’ve paid the ransom outright. Despite 67% of organizations reporting they have been a ransomware target (16% say they were attacked three or more times), 96% feel they are moderately prepared.

Almost a third of consumers have taken a more active role in protecting their privacy this year, including leaving organizations over their data practices or policies. The 2021 Consumer Privacy Survey from Cisco has gathered results from 2,600 people across 12 countries and finds consumers are very concerned about the use of their personal data in AI decision-making, and their trust is at stake. Privacy laws are regarded very positively around the world, although awareness of them remains relatively low in many countries. 86 percent say that they care about their data and 79 percent say they are willing to act to protect it. However, only 54 percent of those surveyed think they are effectively able to protect their personal data.

Ransomware attacks against hospitals are having direct consequences for patient care as a result of the reduced availability of systems and services when cyber criminals encrypt networks. According to a survey of healthcare organizations, ransomware attacks have resulted in patients being kept in hospital longer, delays in tests and procedures – and, most disturbingly of all, an increase in patient deaths.  Targeting hospitals has become a lucrative business for criminal ransomware operations because the nature of healthcare and the requirement for constant access to systems means that, in many cases, the victim will give in and pay the ransom demand for a decryption key.

The Dell Technologies 2021 Global Data Protection Index (GDPI) findings reveal organizations are facing several data protection challenges driven by the constant threat of ransomware and the consumption of emerging technologies such as cloud-native applications, Kubernetes containers and artificial intelligence. According to a recent IDC survey, more than one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months. The study found that organizations are managing more than 10 times the amount of data than they did five years ago – from 1.45 petabytes in 2016 to 14.6 petabytes in 2021.

Absolute Software released enhanced geolocation capabilities, enabling enterprise and education organizations to strengthen device and data protections in today’s work and learn-from-anywhere environments, and balance the need for increased security with end user privacy. With most businesses planning to adopt some form of remote work for the long term, there is a clear and urgent need to move away from perimeter-based security approaches to those that focus on zero trust and prioritize securing endpoint devices as well as the sensitive data residing on those devices.

Today’s attackers are looking for multi-million-dollar payouts and use increasingly sophisticated methods to achieve their goals. In a world where the types of attacks organizations face are constantly evolving and targeted at prey of all sizes, from individuals all the way up to large corporations (even cybersecurity companies), enterprises must ensure their cybersecurity infrastructure is ready to protect against potential threats. There are numerous paths for ransomware infection, but three of the most common are: phishing and social engineering, password compromises and attacks on software vulnerabilities. This article covers seven steps that will help your company fight off ransomware attacks.

More than 130,000 malicious IP addresses were blocked to ensure no breaches or interruptions were experienced during what was deemed a successful Census 2021, according to Amazon Web Services (AWS). In a blog post, AWS Oceania technology and transformation director Simon Elisha explained that AWS, together with PwC Australia and the Australian Bureau of Statistics (ABS), undertook "extensive DDoS tests" prior to Census 2021 to ensure all data would be secured, in addition to building a web getaway so that each Census form was validated before it was passed along to the ABS processing environment.

These days cloud application developers are also security engineers. There has been a push for developers to build applications at scale, meaning they are becoming ops engineers and database engineers as well as security engineers. However, most developers are not security experts. This has led to DevSecOps practices where developers are given training, tools, and processes to build and deploy more secure cloud-based applications. The emerging concept of cloud-native application protection (CNAP) is helping with this process. CNAP platforms can continuously scan workloads and configurations to find and resolve security issues.

Zloader malware, a tool often used to deliver ransomware, is now being spread through malicious Google ads, according to Microsoft.  The malware is a key part of the cybercrime industry and recently popped up on the radar of Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA). CISA yesterday warned that ZLoader was being used to distribute the Conti ransomware service, which pays ransomware distributors a wage rather than a commission for new infections. According to Microsoft, ZLoader operators are buying Google keyword ads to distribute various malware strains, including the Ryuk ransomware.

Cybersecurity researchers have detailed a ransomware campaign that clearly borrows attack techniques used by nation-state-backed hacking and cyber-espionage operations. As eSentire's security research team began to investigate the incident, they said they "discovered some very curious findings, relating to both the threat group behind the attack, as well as the tools and techniques used in the attack". The attack methods used in the attempted ransomware campaign resembled techniques previously attributed to state-backed Chinese hacking operations including Emissary Panda. The low quality of the ransomware and the lack of any known ransomware breaches by this 'Hello Ransomware' raises the question of whether ransomware is the primary goal of the operators.

Marcus & Millichap, a publicly traded real estate investment firm, suffered a recent cyber attack that may have been the work of the BlackMatter ransomware gang, according to a malware sample found on Hatching Triage. The firm revealed in an 8-K filing with the SEC Monday that it "had been subject to a cybersecurity attack on its information technology systems." Marcus & Millichap claimed that the firm had seen no evidence of a data breach, and it did not identify the attack as a ransomware incident. However, a BlackMatter ransomware sample on Hatching Triage, discovered by Valéry Marchive of TechTarget sister site LeMagIT, showed a ransom note that suggested a connection between the sample and Marcus & Millichap.

The number of businesses planning to move business-critical applications from on-premises onto the cloud has spiked this year, despite growing concerns over potential cybersecurity incidents, new research has found. A report from Equinix polling 2,600 IT decision-makers across the Americas, Asia-Pacific, and EMEA found that 37% of firms currently have plans to move business-critical apps to the cloud, up 11% year-on-year. At the moment, more than half of all IT infrastructure is estimated to already be in the cloud, despite cybersecurity concerns, with almost four in five of respondents in the UK saying that moving to the cloud is a top priority.

The White House is taking additional steps to encourage ransomware victims to alert the federal government, just as the hackers behind those attacks are threatening victims from doing so. The moves mark an escalation between the Biden administration, which has vowed to crack down on criminal hackers who try to extort Americans, and ransomware gangs, which have proven resilient to efforts to stop them. The Treasury Department on Tuesday warned victims of ransomware attacks that paying off hackers may violate U.S. sanctions.

The FBI refrained for almost three weeks from helping to unlock the computers of hundreds of businesses and institutions hobbled by a major ransomware attack this summer, even though the bureau had secretly obtained the digital key needed to do so, according to several current and former U.S. officials. Deploying the key immediately could have helped the victims, including schools and hospitals, avoid millions of dollars in recovery costs, analysts estimate. But the FBI wanted to hold onto the key in part because it was planning to carry out an operation to disrupt the hackers, a group known as REvil, and the bureau did not want to tip them off.

Siemens Energy has launched a new solution for monitoring and responding to cyberthreats against the Industrial Internet of Things. As IoT continues to accelerate and operational technology becomes smarter, companies need to make sure they manage and secure endpoints and industrial networks to mitigate the risk of damage, data theft, and disruption caused by external entities. Siemens said a new offering, dubbed Eos.ii – not to be confused with the blockchain protocol EOS.IO – is an artificial intelligence and machine learning Security Information and Event Management (SIEM) platform that "provides CISOs with an evergreen foundation for industrial IoT cybersecurity." The platform collects and collates data flows from IIoT endpoints for use by security teams, with insights brought together in one interface.

Iowa-based provider of agriculture services NEW Cooperative Inc. has been hit by a ransomware attack, forcing it to take its systems offline. The BlackMatter group that is behind the attack has put forth a $5.9 million ransom demand. The farming cooperative is seen stating the attack could significantly impact the public supply of grain, pork, and chicken if it cannot bring its systems back online. The farming organization says its software powers about 40 percent of grain production and feed schedules of 11 million farm animals. And, as such, US federal government regulators like CISA may soon step in should the cooperative's systems not come back online soon.

Epik has now confirmed that an "unauthorized intrusion" did in fact occur into its systems. The announcement follows last week's incident of hacktivist collective Anonymous leaking 180 GB of data stolen from online service provider Epik. The leaked data dump contains 15,003,961 email addresses belonging to both Epik's customers and non-customers, and not everyone is pleased with the news. This occurred as Epik had scraped WHOIS records of domains, even those not owned by the company, and stored these records. In doing so, the contact information of those who have never transacted with Epik directly was also retained in Epik's systems. Data breach monitoring service HaveIBeenPwned has now begun sending out alerts to millions of email addresses exposed in the Epik hack.

Ransomware is one of the fastest-growing cybersecurity attacks. One of the factors that makes these threats especially intimidating is that the costs can be far-reaching. While it’s common knowledge that ransomware can be expensive for the companies victimized by them—with costs tending to focus on lost business, ransom paid, consultant fees, etc.—there are also lesser-known financial impacts. Some are not related to security, but CISOs and other security leaders need to be aware of these potential costs when it comes to justifying investments in security that could protect against ransomware. Some of these lesser-known costs include: keeping the business running, higher cyber insurance fees, loss of customer trust and marketing and PR investments.

Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report reveals a 650% year over year increase in supply chain attacks aimed at upstream public repositories, and a fascinating dichotomy pertaining to the level of known vulnerabilities present in popular and non-popular project versions. In 2021 the world witnessed an exponential increase in software supply chain attacks aimed at exploiting weaknesses in upstream open source ecosystems.

A proposed $1 billion addition to the $3.5 trillion economic package would go to the Federal Trade Commission (FTC) for the purposes of establishing a digital division that focuses on privacy issues, cybersecurity incidents and other matters that center on online services and platforms. The full scope of the bill includes “unfair or deceptive acts or practices relating to privacy, data security, identity theft, data abuses, and related matters.” Should the measure pass, it would increase the FTC’s budget by nearly 30% over the coming decade. The agency has struggled with regulation of Big Tech at times due to a simple lack of resources.

Apple introduced a pop-up window for iPhones in April that asks people for their permission to be tracked by different apps.Google recently outlined plans to disable a tracking technology in its Chrome web browser. And Facebook said last month that hundreds of its engineers were working on a new method of showing ads without relying on people’s personal data. The developments may seem like technical tinkering, but they were connected to something bigger: an intensifying battle over the future of the internet. Driven by online privacy fears, Apple and Google have started revamping the rules around online data collection.

IBM Security X-Force published its latest Cloud Security Threat Landscape report, spanning Q2 2020 through Q2 2021. While sampling scanned cloud environments, in every case of a penetration test performed by X-Force Red, the team found issues with either credentials or policies. Two-thirds of cloud security incidents could have been avoided if the configuration of apps, databases, and security policies were correct. Misconfiguration, API errors or exposure, and oversight in securing cloud environments have also led to the creation of a thriving underground market for public cloud initial access. IBM's report also states there has been an increase in vulnerabilities impacting cloud applications, with close to half of over 2,500 reported bugs being disclosed in the past 18 months.

Quantum computing start-up IonQ has signed off a new collaboration with consulting giant Accenture, in a move that shows once more that the technology is coming further out of the lab and into the business strategies of forward-looking executives. The partnership will see IonQ and Accenture join forces to help other businesses assess how quantum computing could help improve their outcomes. The collaboration between Accenture and IonQ is reflective of increasing interest in quantum computing among businesses. According to Accenture, business spending on quantum computing will surge from $260 million in 2020 to $9.1 billion by 2030.

Year after year, the number of data breaches affecting entities in the healthcare industry rises, and 2020 was no exception. The 616 data breaches reported this past year to the US Department of Health & Human Services have resulted in the exposure or compromise of 28,756,445 healthcare records. Most of these breaches were caused by hackers and improper IT security, as ransomware gangs continue to target organizations whose security has been stretched thin even more than usual. According to the latest IBM Cost of a Data Breach report, human error accounted for approximately 30% of all healthcare breaches in 2020. To minimize that percentage in the coming years, healthcare organizations should properly train providers, nurses and administrators, as well as enact policies focused on recognizing and blocking malicious emails, credential sharing and mobile device usage.

Ransomware has become a top concern for organizations large and small as high-profile incidents have grabbed headlines. Nonprofit charitable organizations have been targeted as well – and in some cases, law enforcement has been unable to assist. According to a SonicWall threat report, ransomware attacks grew by 62 percent between 2019 and 2020, and recent events have suggested that remote and hybrid work creates new attack surfaces for ransomware to take hold. Data is paramount to the function of nonprofits. That data is often sensitive in nature, potentially including identifying information on donors and beneficiaries of services. Nonprofit leadership is a crucial piece of the puzzle and can ensure that concerns about security like ransomware are heeded throughout the organization.

Famous camera maker Olympus claims it is investigating a potential cybersecurity incident that’s affected its computers across the European, Middle East and Africa regions. However, an anonymous source familiar with the incident told TechCrunch that Olympus is grappling with a ransomware attack that began on September 8, 2021. In its statement put out on Saturday, September 11, Olympus did acknowledge that it first detected “suspicious activity” on September 8. Ransomware expert and threat analyst at Emsisoft, Brett Callow, believes the attack seems to be orchestrated by BlackMatter. BlackMatter is a new ransomware-as-a-service (RaaS) threat actor, which the cybersecurity community claims to have risen from the ashes of the notorious DarkSide RaaS operator.

Conducting an online survey of 50 C-suite and other executives in June 2021 about cyber threat detection and response, Deloitte found that almost 87% expected the number of cyberattacks targeting their organizations to increase over the next 12 months. Further, 65% of the respondents cited ransomware as their greatest security concern over the next year. However, only some are fully ready for such an attack, specifically just 33% said they've run simulated ransomware attacks to prepare themselves for this type of incident. Kieran Norton, Deloitte Risk & Financial Advisory's infrastructure security solution leader, recommends five questions to ask yourself to prepare for a ransomware attack.

Two healthcare organizations have begun sending out breach notification letters to thousands of people in California and Arizona after both revealed that sensitive information – including social security numbers, treatment information and diagnosis data – were accessed during recent cyberattacks. LifeLong Medical Care, a California health center, is sending letters to about 115,000 people about a ransomware attack that took place on November 24, 2020. Arizona-based Desert Wells Family Medicine was forced to send out a similar letter to 35,000 patients after they too were hit by a ransomware attack that exposed sensitive patient information.

Despite ransomware threats making headlines on an almost daily basis, most organizations are still clueless about how to recover from such an attack, a report from Dell Technologies has found. Its 2021 Global Data Protection Index, based on a global survey of 1,000 IT decision-makers, found that more than two-thirds aren’t confident their business-critical data could be recovered in case of a ransomware attack. A similar proportion (62%) believe their current security solutions aren’t strong enough to protect data from malware and ransomware threats, adding that the rising number of remote workers only makes it more challenging.

HP released an HP Wolf Security report titled "Rebellions & Rejection." The findings detail employee pushback due to company cybersecurity policies and operational drawbacks for IT teams overseeing these networks. 76% of respondent IT teams said "security took a back seat to continuity during the pandemic," 91% felt "pressure to compromise security for business continuity" and 83% believe remote work has "become a 'ticking time bomb' for a network breach." The switch to remote work has also led companies to adopt new policies regarding telecommuting with these rules ranging from home office requirements to internet speeds and security standards.

Amazon today announced the general availability of Amazon EKS Anywhere, a deployment option for Amazon EKS that enables companies to create and operate Kubernetes clusters on-premises using VMware vSphere. EKS Anywhere provides an installable software package for creating and operating Kubernetes clusters on-premises, as well as automation tooling for cluster lifecycle support. EKS Anywhere also provides the ability to integrate with third-party tools in other areas, like networking and security.

Microsoft plans on spending $20 billion in cybersecurity over the next five years. However, there’s a Catch-22 in the fact that more spending hasn’t meant better defense. Microsoft president Brad Smith is focused on spending more as a way to deal with cybersecurity’s big spending problem. One of the biggest reasons cited by Smith and other cyber experts for the disconnect between cyber spending and return on investment in the form of better protection comes down to labor. The lack of cybersecurity professionals is not a tech sector problem but a significant problem across all major industries.

The UK's National Cyber Security Centre (NCSC) this week said zero trust has become a "very fashionable term" in the tech world. To address the slipperiness of its definition, NCSC has outlined a few traps and pitfalls that organizations running a zero trust migration should be mindful of. NCSC acknowledges that not every organization will be ready to adopt a zero trust architecture. It also stressed it isn't a standard or specification, but rather "an approach to designing a network" — meaning it can be difficult to know if you're doing it right. NCSC also lays out five reasons why zero trust might be a good philosophy to adopt.

While much of The European Union’s General Data Protection Regulations (GDPR) have been incorporated into UK law, it’s still important to consider what has changed in terms of how companies – particularly UK-based ones – ensure compliance to data protection regulations. It was argued in 2017 by Index Engines that GDPR puts personal data back in the hands of citizens. No matter what has changed, one challenge will remain: organizations’ ability to find business and legal-critical information within their vast unstructured data stores. With this top of mind, there is arguably a need for Wide Area Network  acceleration to gain the ability to find and move data around at high speed by mitigating latency and packet loss.

Most of the data economy underpinning common products and services is invisible to shoppers. As your data gets passed around between countless third parties, there aren’t just more companies profiting from your data, but also more possibilities for your data to be leaked or breached in a way that causes real harm. Data ends up being used in surprising ways—intentionally or not—such as in targeting ads or adjusting interest rates based on race. Consumer data privacy laws can give individuals rights to control their data, but if poorly implemented such laws could also maintain the status quo.

Italy has faced a barrage of cyberattacks in recent weeks. Ransomware campaigns have hit big corporations such as the energy company Enel Group, Campari, Geox, Tiscali, Luxottica, and hospitals such as the Spallanzani in Rome and the San Raffaele in Milan – albeit with limited results. These, and other episodes, have been a wake-up call for Italian politicians and common citizens alike on the necessity to improve the country's cyber defenses. Thanks to the EU-funded National Recovery and Resilience Plan, this is set to change. Total funding for the plan amounts to €261 billion.

The number of ransomware attacks surged by 288% between the first and second quarters of 2021 as double extortion attempts grew, according to the latest data from NCC Group. Analyzing incidents dealt with by its own Research Intelligence and Fusion Team (RIFT) throughout 2021, the firm claimed nearly a quarter of data leaks in the second quarter came from the Conti group. Conti typically gains initial network access to victim organizations via phishing emails, it claimed. Next came Avaddon, which accounted for 17% of incidents, although this variant is now thought to be inactive. Unsurprisingly, 49% of victims with known locations in Q2 were based in the US, followed by 7% in France and 4% in Germany.

Researchers discovered a novel ransomware emerging on the heels of the ProxyShell vulnerabilities discovery in Microsoft Exchange servers. The threat, dubbed LockFile, uses a unique “intermittent encryption” method as a way to evade detection as well as adopting tactics from previous ransomware gangs. Discovered by researchers at Sophos, LockFile ransomware encrypts every 16 bytes of a file, which means some ransomware protection solutions don’t notice it because an encrypted document looks statistically very similar to the unencrypted original.

Bangkok Airways has apologized for a data breach involving passport information and other personal data in a statement to customers. The company said that it discovered a "cybersecurity attack which resulted in unauthorized and unlawful access to its information system" on August 23. The company said an investigation revealed that the names, nationalities, genders, phone numbers, emails, addresses, contact information, passport information, historical travel information, partial credit card information and special meal information for passengers of the airline had been accessed. The attackers were not able to affect Bangkok Airways' operational or aeronautical security systems, according to the statement, and the Royal Thai police have been notified of the incident.

APIs today prove their value by driving new digital business revenue growth and transforming decades-old business models. Such APIs have also become a fast-growing threat vector and a nexus of what Forrester calls “API insecurity.” The enterprise needs to approach APIs from a zero-trust security paradigm. As real-time APIs displace traditional approaches to integration and development, it is important to work toward a zero-trust approach that does not rely on perimeter-based security methods. Forrester’s recent API Insecurity: The Lurking Threat In Your Software report points out that protecting APIs with perimeter-based security fails to stop attacks’ increasing severity and sophistication.

Another cybercriminal gang notorious for ransomware attacks has shut down, publishing its decryptor online to allow victims unlock and recover files. The Ragnarok gang, also known as Asnarok, closed up shop this week, publishing the news to their public website, according to a post published Thursday by analyst firm Recorded Future’s The Record, among other sources. As a parting “gift,” the group released their decryptor, hardcoded with a master decryption key, for free as well on the portal. Previously, the site was primarily the place where Ragnarok would publish data from victims who refused to pay ransom. Several security researchers have confirmed that the Ragnarok decryptor works, according to the post. It’s currently being analyzed and researchers will eventually release a clean version that is safe to use on Europol’s NoMoreRansom portal.

Ransomware attacks are going to get worse – and one could eventually take out the infrastructure of an entire 5G-enabled smart city, a cybersecurity expert has warned. Cyber criminals deploying ransomware regularly target government services. Not only do public sector IT budgets mean networks are less secure against attacks, but said networks are also used to provide vital services to the community. While connected cities have the potential to improve urban services, any lack of security in IoT devices could make them a very appealing target for ransomware attacks – and, given the current ransomware climate, it's not a matter of if, but when.

Some of the world's leading technology companies, including Google and Microsoft, have earmarked billions of dollars to help raise the cybersecurity stance of the industry as a whole following a meeting with US President Joe Biden. Earlier this week, the President met with CEOs from over two dozen companies from various sectors, ranging from insurance to IT, to solicit their help in beefing up cybersecurity efforts. In addition to setting up a cybersecurity task force, the administration has also asked law enforcement agencies to treat ransomware attacks no different from terrorist attacks.

Most ransomware attacks begin with a compromised employee email account, something that in turn happens through some combination of phishing and social engineering. An enterprising ransomware gang in Nigeria appears to be skipping this messy step, simply making a direct pitch to employees of target companies to join in on the attack for a cut of the profits. The group has offered employees $1 million in bitcoin as part of a proposed $2.5 million ransom, asking them to install the DemonWare ransomware on the organization’s Windows computers or servers using their privileged credentials. Employees appear to be solicited via their LinkedIn profiles, and are not sent the full pitch unless they reply to an initial message indicating interest.

The Federal Bureau of Investigation's Cyber Division has issued a flash warning over an organized cyber-criminal gang calling itself OnePercent Group. In a TLP: WHITE alert published Monday, the FBI said the group has been targeting companies in the United States since November 2020. OnePercent's modus operandi is to use the threat emulation software Cobalt Strike to perpetuate ransomware attacks. The infection process begins in the victim's inbox. After accessing a victim's computer, OnePercent encrypts their data and exfiltrates it from the network using rclone. A virtual ransom note is left that tells the victim they have one week from the date of infection to make contact with the ransomware group.

A recent Synack Report claims that combining cybersecurity talent and AI-enabled technology results in 20x more effective attack surface coverage than traditional methods. It’s common knowledge that AI can analyze colossal quantities of data at speed and augment under-resourced security operations. Yet, people also know the dangers that AI can pose, which explains why 96% of CEOs have already started preparing for AI-powered cyber-attacks, according to an MIT Tech Review report. To adequately explain AI’s actual value in the cybersecurity industry, it’s necessary to comprehend current cybersecurity challenges.

The number of data breaches in Australia arising out of ransomware attacks grew by 24% during the first half of 2021, underscoring the growing threats posed by the global proliferation of ransomware in recent years. According to the Office of the Australian Information Commissioner’s (OAIC) latest Notifiable data breaches report, the number of data breaches arising from ransomware incidents increased from 37 notifications in the last reporting period to 46. In total, the OAIC received 446 data breach notifications from January to June 2021, with 43% of these breaches resulting from cyber security incidents.

Phishing may be the most common cybersecurity threat in the UK, but it could be only a matter of time before ransomware snatches the crown, a report from cybersecurity firm CybSafe suggests. Analyzing data provided by the Information Commissioner’s Office (ICO), CybSafe noted that phishing was to blame for most incidents so far this year, making up 40 percent of all cases reported to the ICO. At the same time, ransomware attacks made up 22 percent of all incidents reported, surging from 11 percent last year. Of all the different industries, the education sector seems to have it worst, as ransomware accounted for 32 percent of all attacks in H1 2021, up from 11 percent a year ago. CybSafe believes education became a prime target due to remote learning. Education aside, retail and manufacturing firms are still prime targets, accounting for 20 percent of all reported incidents.

Researchers are warning of a new ransomware variant spreading globally via exploitation of the “PetitPotam” vulnerability partially patched by Microsoft last week. Symantec said the “LockFile” variant was first spotted on July 20 in an attack on a US financial services organization and has subsequently targeted at least ten corporate victims around the world up to August 20. Attacks begin by accessing victims’ Microsoft Exchange servers, although this vector isn’t yet clear. First discovered by a French researcher around a month ago, PetitPotam is an NTLM relay attack vulnerability that an attacker can use with low privileges to take over a domain controller. It’s been reported that Microsoft’s Patch Tuesday fix for the bug has not fully patched the vulnerability.

The Barracuda Network has just released a report that notes ransomware attacks have increased by 64% this year. This might be a result of the increased vulnerabilities occurring due to COVID-19 and the like, and a lot of these attacks are targeting places like hospitals, where the frequency with which attacks are occurring on critical infrastructure is increasing quite a bit. It is important to note that about 57% of ransomware attacks were corporations that worked on things like infrastructure, financial services and travel. The number was just around 18% last year, which means that the people behind these attacks are focusing more on corporations and industries that work in these sectors with all things having been considered and taken into account.

Australian businesses are not keeping up with the data privacy expectations of their customers when digitising their offering, according to a new Heart Matters study announced by SAP Southeast Asia. The study reports that when it comes to data protection, organizations fall short of expectations by up to 50%. More than four in five consumers want transparency into how their personal data is being used, but only 34% have been shown accountability. The study adds that the expectation among Australians is higher than the APAC average expectations of three quarters (74%). The majority (84%) of Australians expect that organizations will not share their data with a third party. However, only just over a third believe that the information they shared with a business has kept it secure.

The lure of quickly making large sums of money is attracting interest from across the cyber-criminal spectrum, from sophisticated gangs specialising in ransomware attacks, to affiliate schemes where wannabe ransomware kingpins can lease out ransomware as a service in exchange for a cut of the profits. It has also attracted low-level cyber criminals, who see an opportunity to grab a slice of the ransomware pie – even if they have little idea what they're doing. Cybersecurity researchers at Abnormal Security have detailed an amateur ransomware campaign using social engineering in an attempt to fool employees into installing DemonWare ransomware on their organization's network, in return for a slice of the payout.

Ransomware attacks increased 64% over the past year, targeting municipalities, health care, education, infrastructure, and more, according to Barracuda Network’s annual ransomware report. Ransomware attacks have surged in 2021. Cybercriminals are also expanding their targets, shifting focus to critical infrastructure and deep-rooted software supply chain attack campaigns, which can cause long-lasting devastation. In the past 12 months, Barracuda researchers have identified and analyzed 121 ransomware incidents, a 64% increase in attacks, year over year.

The SynAck ransomware group, which recently changed its name to El_Cometa, has released the master decryption keys to its ransomware that was used to infect victims from 2017 to early 2021. Creator of the ID Ransomware service and malware analyst at Emsisoft, Micheal Gillespie, confirmed the authenticity of the master decryption keys by using them to decrypt files from previous SynAct attacks. The group decided to release the master decryption keys for its old victims because it is in the process of winding down its SynAck operation as it ramps up work on its new ransomware strain, El_Cometa.

Nearly half of US hospitals have disconnected their networks in the past six months due to ransomware, according to a new study from Philips and CyberMDX. Respondents who admitted to shutting down networks due to ransomware were a mix of those who did so proactively to avoid a damaging breach and those forced to do so because of severe malware infection. Respondents who admitted to shutting down networks due to ransomware were a mix of those who did so proactively to avoid a damaging breach and those forced to do so because of severe malware infection.

A new report from cybersecurity company Mimecast found the increasing use of email brings the potential for a rise in cyberattacks. The report states that almost two-thirds of financial services organizations believe it’s either likely, extremely likely, or inevitable that they will suffer an email-borne attack this year. In the past twelve months, email volume at financial services companies rose 81 percent, and the number of attacks rose in tandem. Despite the obvious threat, companies are doing very little to protect themselves. Less than half organize security awareness training for their employees at least once a month, and 47 percent said they don't have a cyber-resilience strategy.

A recent report from HHS cited a total of 82 ransomware incidents so far this year worldwide with 60% of them impacting the United States health sector. Hospitals now account for 30% of all large data breaches at an estimated cost of $21 billion in 2020 alone. The study surveyed 130 hospital executives in IT and information security roles, as well BioMed technicians and engineers. 48% of hospital executives reported either a forced or proactive shutdown in the last 6 months as a result of external attacks or queries. However, more than 60% of hospital IT teams have “other” spending priorities and less than 11% say cybersecurity is a high priority spend.

Ransomware attacks have skyrocketed, and ransomware payments are the comet trails that have followed them skyward. The average ransomware payment spiked 82 percent year over year, now over half a million dollars. Researchers found what’s helped to intensify extortion payments is the fact that cybercriminals have been pouring money into highly profitable ransomware operations, including a new, disturbing trend – the rise of quadruple extortion. Researchers observed ransomware groups commonly using as many as four techniques to turn the thumbscrews on victims: encryption, data theft, DoS, and harassment.