The questions remain: what impact do these kind of cyber attacks have on the industry? How can businesses minimize cyber attacks? To better understand current cybersecurity best practices and what the future looks like, MyTech Decisions spoke to a range of industry experts on the topic.

Cybersecurity Best Practices To Consider

Businesses cannot overlook their cybersecurity strategies, and it certainly shouldn’t take a cyber attack to expose those weaknesses before any issues are rectified. Rather, cybersecurity should be an ongoing practice that involves the appropriate measures in both internal and external functions of any organization. Speaking of best practices, John Street, Operations Director at Agilitas, advises businesses to “ensure that their IT policies contain best practice guidelines for users’ safe access.” Street further emphasizes the “use of internet-facing resources, along with continual informative messaging and education.”

Moreover, Future Processing’s Head of Security, Dominik Samociuk believes that employees must be provided relevant training and technical knowledge about cybersecurity. According to Samociuk, “Cybersecurity best practices need to be run on a 24/7 basis, meaning the level of technical knowledge and skills that employees need to obtain as security specialists have never been higher. This is extremely hard to come by, and it’s all about ensuring that employees have access to the relevant training and development resources.”

Furthermore, diving deeper into the cybersecurity measures businesses can take, David Stubley, Managing Director of 7 Elements – the cybersecurity division of Redcentric, highlights key areas organizations must consider to minimize cyber risk: vulnerability management, proactive ransomware mitigation and technical assurance.

Has the Risk Increased?

The threat landscape is rapidly expanding and hackers are emerging with new ways to penetrate and find the weakest spots. In such circumstances, organizations can not lean on one sole solution. Agilitas’ Street says, “Whether they have built a solution that is protecting a network via firewalls, intelligent proxy servers or email gateways, it is important to recognize that no solution is 100% effective against the continued threat our digital world is faced with.”

Similarly, Redcentric’s Stubley considers technical assurance, such as penetration testing and security audits, as one of the best ways to operate amid increased cyber threat. According to Stubley, “With an ever evolving threat landscape, organizations can quickly become vulnerable to new forms of attack. As such, networks and exposed services should be assessed on a regular basis to ensure that any potential exposure is mitigated before it can be exploited.”

It is evident that with growing digitalization, cyber threats will only continue and grow. With increased cyber risks, businesses must be prepared to not only prevent cyber attacks, but be able to deal with them if the worst happens and they are struck by one.

Looking Ahead

Samociuk from Future Processing says, “Looking ahead, companies need to be already prepared for cybersecurity threats, and if they are only considering the potential implications now, it’s too late. They need to have a strategic plan that combines processes, the best technology, training for staff and specialist support to ensure that their business can withstand the rise in cyberattacks and that their team can keep safe from online threats in the future,”

Businesses, who look to empower their cybersecurity approach, can learn from updated security regulations. The role of accreditation schemes has become more than ever before. According to Agilitas’ Street, businesses can join best practice accreditation schemes to remain aligned with what’s going on in the industry.

Street comments, ”In order to ensure businesses are implementing the right governance and education to remain aligned with the latest security threats, they can join best practice accreditation schemes. Achieving certifications such as ISO27001 and Cyber Essentials provide businesses with the framework and processes to be more resilient when it comes to Cybersecurity as they look to protect both physical and data security needs.”

The current landscape is continuing to evolve and it is evident that the threat surface has significantly increased. Cybersecurity today is not just a factor to consider but an ongoing practice that must be imbibed within the core of every business.

The post Cybersecurity Awareness Month 2022: Helping Businesses Mitigate Risk appeared first on My TechDecisions.

The cybersecurity firm released its findings from the first few days of the conflict, finding that attacks against Ukraine far outweighed any other region, as the same sectors globally and in Russia did not show a similar increase.

Cyber attacks against Russian organizations increased by 4%, compared to the same days in the previous week, according to data from Check Point.

Compared to the Ukraine, the overall number of cyber attacks per organization increased by .2%. Regions across the world are experiencing a new decreases in cyber attacks per organization, the company says.

Interestingly, cyber attacks against the U.S. and North America have declined 12% and 13%, respectively, despite both the U.S. and Canada taking part in sanctions against Russia and supplying aid to Ukraine.

Read Next: Cybersecurity Experts: Ukraine, Russia Crisis Could Result in U.S. Cyberattacks

Increase in Phishing Emails  

Check Point also notes phishing emails in Russian and Ukrainian languages have increased by seven times. A third of the malicious phishing emails were directed at Russian recipients sent from Ukrainian email addresses, either real or spoofed.

Check Point says it is also observing an increase of fraudulent emails taking advantage of the situation, luring recipients to donate money to fake-Ukrainian aide organizations to gain financial profit.

WhisperGate & HermeticWiper Malware

The Cybersecurity and Infrastructure Agency (CISA) and the FBI issued a joint advisory on the destructive malware,  WhisperGate and HermeticWiper, both used to target organizations in Ukraine. The malware is capable of destroying computer systems and rendering them inoperable. It targets Windows devices, manipulating the master boot record, displays a fake ransomware note, and encrypts files based on certain file extension, which results in subsequent boot failure, according to SentinelLabs.

CISA and FBI notes that there is no credible threat to the U.S. at this time, but urges organizations to assess and bolster its cybersecurity.

How to Spot a Phishing Email

With any phishing email, it is imperative to look for the following, according to Check Point:

1. Fake domains
2. Unusual attachments
3. Incorrect Grammar or tone
4. Suspicious requests

The post Cyber Attack Trends Amid Russia-Ukraine Conflict appeared first on My TechDecisions.

With work and home increasingly blurring amid the COVID-19 pandemic, Sailpoint set out to determine how users behaviors when conducting these activities could put a target on the organization’s back for a cyber attack or data breach.

At least 44% of respondents reported the number of phishing messages they’ve received is up year-over- year. The survey notes glaring generational differences when it comes to behaviors that are putting Baby Boomers, Gen X, Millennials and Gen Z and their employees at risk.

Email is a requirement to create any kind of online account including social media profiles. While social media sites are traditionally meant for personal use, the survey found that Gen Z (77%) and millennials (55%) are using corporate emails for their social media logins, compared to just 15% of Gen X and 7% of Baby Boomers. More than half a billion Facebook accounts were stolen in April, according to Business Insider. The survey notes risk is on the rise with new potential doorways being opened every day.

Related: Top Malicious Email Phishing Techniques Used By Cybercriminals

The holiday season presents greater corporate threats from younger generations the report says. Nearly one in three workers say they use their corporate email for online shopping; Baby Boomers are the least likely to engage in these activities. At least 39% have received a phishing message impersonating a retailer and 22% have received a message impersonating a marketing email.

The survey also notes that Baby Boomers are more well equipped to deal with phishing email; at least 94% are confident in their ability to detect a phishing message, while only 29% know how to appropriately react to a phishing email by forward it to IT.

When asked on how they would respond to a suspicious looking email with a link or attachment, 46% of Gen Z respondents said that they would open the link or attachment compared to just one percent of Baby Boomers, 29% of Millennials and 4% of Gen X said they would open the link or attachment.

“Over the last year and a half, we’ve seen countless, high-profile cyberattacks, stemming from email activity, that have brought organizations – like retailers, currency exchanges, and healthcare organizations – down to their knees,” said Heather Gantt-Evans, CISO at SailPoint in a statement.

“By using corporate email for personal use, employees are inadvertently expanding the threshold for malicious actors to enter a corporate network, completely unnoticed. As demonstrated by the data, most don’t know what to do if they see suspicious activity, but with proper education and training, we can deter these types of events to ensure business remains operating as usual,” she said.

The post SailPoint Survey: Generational Differences Exist Between Corporate Email Use & Cybersecurity appeared first on My TechDecisions.

Check Point’s global survey of CISOs indicated “CISOs’ confidence in security goes down as the number of cyber attacks, assets to secure, and the number of vendors’ solutions used in their environment increases.”

At least 92% of survey respondents indicated that growing IT complexity (i.e. remote work) is making security more challenging. Attack surfaces have expanded as organizations adopt public cloud computing and SaaS applications. Ransomware shows no signs of slowing down with threat actors only getting more creative and more sophisticated when it comes to new types of cloud attacks.

Listen to My TechDecisions Podcast Episode 138: The Growing Threat of Ransomware

Adding to the dwindling confidence, security teams are frequently understaffed and overwhelmed trying to meet business needs while protecting their organization against attacks.

Almost all survey respondents (99%) use solutions from multiple security vendors and agree managing them is challenging, making securing their organization more complex. Managing and integrating multiple solutions from different vendors takes time, resources, training, operation overhead, and increased budget – all things most security teams are in short supply of.

Approaches to today’s security challenges:

According to Check Point, here are some approaches to today’s security challenges:

A Consolidated Architecture: A unified architecture will reduce operational overhead and more easily allow organizations to address security challenges.

Prevention Technology: Relying on detection-only technology and human remediation can be disastrous; organizations should adopt an active threat prevention approach to block attacks before they cause damage to the system.

Automation & Planning: Security protections need to work at machine speed to stop malware that operates in milliseconds. Automating processes creates efficiencies and improves security team effectiveness.

Visibility & Control: For security teams to react in real-time to prevent cyberattacks and minimize the damage to their organization, a single view of the entire environment is needed to improve visibility and control. A centrally managed security infrastructure eliminates visibility silos and helps improve defenses, according to Check Point.

Agility & Enablement: Dev-opps teams oftentimes will release solutions without proper security rather than waiting.  Security teams need to operate at the same speed and effectiveness as other parts of the organization and serve as a business enabler.

Organizations must be agile and protect all IT assets and the data stored within them. A holistic cyber security strategy that addresses today’s cyber security challenges by eliminating complexities and inefficiencies, sealing security gaps, and protecting organizations from both known and unknown threats is recommended.

The post Check Point Survey: CISOs’ Confidence In Security Dwindles As Cyber Attacks Increase appeared first on My TechDecisions.

The bill includes $1 billion in funds for state and local governments to strengthen its cybersecurity.

The pandemic has pushed many services to go online, fueling an increased risk in cyberattacks, such as the Kaseya, SolarWinds, and the Colonial Pipeline attack — to name a few.

“The funds were part of the State and Local Cybersecurity Improvement Act, which would create a grant program at the Department of Homeland Security (DHS) to provide the $1 billion to these government entities over four years, with a quarter of the funds going to particularly vulnerable rural communities,” says Maggie Miller, reporter for The Hill.

“A cyberattack on a state or local government network can put schools, electrical grids, and crucial services in jeopardy,” said senator Maggie Hassan (D-N.H.) in a statement, “Even though cyberattacks are becoming more and more common in today’s threat landscape, state and local governments often do not have the adequate resources to defend against them. This new grant program will be a crucial resource for state and local governments.”

The infrastructure bill includes the Cyber Response and Recovery Act, authorizing the DHS to declare cyberattack incidents on critical U.S. organizations and create a $100 million fund to be used over five years to help groups impacted by the incident.

Also, included in the infrastructure bill is funding for the national cyber security office. In June, Chris Ingils, former NSA Deputy Director was appointed as national cyber director. The newly created cyber office has yet to receive any funding.

“As we face increasing cyber threats, it is crucial that the National Cyber Director has the funding needed in order to be able to effectively and efficiently develop national cyber policies that best protect federal networks, data, and critical infrastructure,” said senator Rob Portman (R-Ohio) in a statement.

The post Senate Passes Infrastructure Bill Allocating $1.9 billion For Cybersecurity appeared first on My TechDecisions.

Analyst see similarities between DarkSide and Black Matter when it comes to crypto currency wallets, strains of malware, and similarities in the keys it gives victims for decryption, according to Wall Street Journal cybersecurity reporter David Uberti.

Blockchian analyst can easily watch money move from one crypto currency address to another and map out patterns believed to be ransomware payments, especially companies that report it.

“The White House has been public about how it wants to bolster the way it tracks financial transactions to ransomware groups. And that’s one of the ways in which they can pinpoint where the problem areas are and the scope of the problem,” said Uberti, in a WSJ podcast.

Read: Critical U.S. Pipeline Hit With Ransomware

Cybersecurity experts are also carefully analyzing the tools the hackers used to deploy the ransomware inside companies like the Colonial Pipeline, by observing the code more closely. Similarities are present in DarkSides’s rebranding efforts in how the malware descriptors are written.

Uberti also noted there’s been a lot of turnovers within these hacking groups, many of which are specialist in breaking into companies and deploying the ransomware. “There’s an emerging and rotating cast of characters with all of these groups, so at the very least, there’s some overlap between some of these hacking groups we’re seeing,” says Uberti, in a WSJ podcast.

Cybersecurity firm Recorded Future published an interview with someone claiming to be part of Black Matter, who revealed they received lessons from DarkSide. One of the lessons learned from DarkSide was not to attack critical infrastructure for fear of action by the U.S. government. They also noted they would not attack the healthcare sector, which leaves many businesses that don’t classify within those two sectors vulnerable.

“A lot of people within the cyber world have compared this to a game of whack-a-mole, that if you take specific actions against the group, if we are to basically hack back and take them offline, they will simply emerge in some other way as some other form under some other name,” says Uberti, in a WSJ podcast.

The post What DarkSides’ Rebranding Means for IT appeared first on My TechDecisions.

Cybercriminals have shifted their strategies to target vulnerable remote workers, which has led to a rise in cyber attacks across the globe.

Proofpoint sifted through billions of emails and found credential phising accounted for two-thirds of malicious emails. Attackers that tricked users into opening attachments were the most successful, enticing at least one in five people into opening them.

Proofpoint’s report found that attackers with the highest hit rates have the smallest message volume, meaning attackers are becoming very selective with their campaigns.

Read: Report: Pandemic Led to More Expensive Data Breaches

Attackers who used steganography, a technique of hiding malicious payload code in pictures and other file types, tricked at least three out of every eight recipients to click — a rate most email marketers would envy.

CAPTCHA, often used as an antifraud measure to tell humans from machines garnered 50 times more clicks than last year’s data, coming in with an overall response rate with 5%.

Attackers will often use CAPTCHA to put malware on the system of the user and not in a security sandbox. Most systems would recognize the malicious activity. The technique proves to be most dangerous in that it can determine where the user is from based on the IP address for attacks that can target people in a given country or region.

It’s unclear why users were more vulnerable than other techniques. Proofpoint says remote workers may have been more distracted and cognitively taxed under the stresses of the pandemic, which leads to clicking on things they shouldn’t.

Most cyberattacks will not be successful unless someone falls for it. It’s important to train employees to spot and report malicious email.

For IT, protecting people wherever they work will be on going challenge.

The post Fix These Human Vulnerabilities appeared first on My TechDecisions.

Elected officials and President Biden quickly rose to the occasion, demonstrating a threat to the nation’s critical infrastructure is a problem worth addressing.

The attack on managed service provider Kaseya left many organizations system’s down for days. Ransomware gang REvil took credit for the attack, however, suddenly disappeared.

Some speculate pressure from their government for fear of getting in trouble on their home turf may have had something to do with it, especially after President Biden warned Russia’s leader Vladmir Putin.

Related: Check This Resource Out Before Paying a Ransom Or Restoring Data

It is estimated that REvil may have collected close to $100 million in ransom payments in just the first 6 months of 2021, according to Coveware.

The average ransom payment is $136,576, down by 38% from Q1. The median ransom payment is $47,008, down by 40% from Q1, according to data from Coveware.

The decrease can be attributed to the growing number of ransomware-as-a-service brands, which have diluted the concentration of the attacks.

Coveware says, “the lower prevalence of several groups that have historically made some of the highest demands (such as Ryuk and Clop) allowed the average and median ransom payment to drift lower during the quarter.”

Attacks are becoming more costly to carry out, which raise the barrier to entry for new cyber criminals. In addition, using data exfiltration as an overall tactic appears to also be declining.

Related: Ransomware Is Now More Than Just Data Encryption

Coveware reports during Q2, over 80% of ransomware attacks also included the threat to leak stolen data.

Regardless, ransomware is a major threat to organizations today. A ISACA report says 1 in 3 organizations are experiencing more cyberattacks this year, which is three percentage points higher than last year.

Organizations should increase their IT security spending to lower the risk of a crippling ransomware attack.

The post Ransom Payments Are Declining appeared first on My TechDecisions.

According to a statement from Kaseya, about 60 Kaseya VSA product customers were affected by the attack. However, a cybersecurity researcher whose company was responding to the incident says it paralyzed the networks of at least 200 U.S. companies on Friday.

The REvil gang appears to be behind the attack, says John Hammond of the security firm Huntress Labs. The same gang is also linked to the May attack on the global meat processor JBS SA.

Read: U.S. Must Respond To Protect Businesses From Ransomware Attacks, Executives Say

The criminals used Kaseya’s network-management package to spread the ransomware through cloud-service providers.

“Kaseya handles large enterprise all the way to small businesses globally, so ultimately, (this) has the potential to spread to any size or scale business,” Hammond said in a message on Twitter. “This is a colossal and devastating supply chain attack.”

Kaseya advised its customers to shut down the servers immediately and remain offline until further instructions from the company about when it is safe to restore operations.

A patch will be required to be installed prior to restarting the VSA. Customer who experience ransomware and receive communications from the attackers are instructed not to click on any links as they may be weaponized.

The company released a Compromise Detection Tool to search for indicators of the compromise. Over 2,000 customers have downloaded the tool since Friday.

Kaseya has met with the FBI/CISA to discuss systems and networking hardening requirements prior to service restoration for both SaaS and other customers.

The attackers requested $70 million in bitcoin. It is not known if the ransom was paid.

The attack is speculated to be intentionally timed for the Fourth of July weekend, when IT staffing is generally thin.

The Kaseya attack shows that hackers are becoming more strategic and targeting platforms like remote managed service providers that can take down multiple companies with one shot. For IT managers, make sure your systems are secure.

The post Kaseya Confirms Sophisticated Cyberattack Over The Holiday Weekend appeared first on My TechDecisions.

Cyber security is becoming a main issue for many companies, and our weekly feature is a good example of why.

Every week there are multiple stories of people, businesses, and products being hacked for fun, for money, and sometimes for evil.

Luckily for you, knowing the enemy is half the battle. In order to prevent getting hacked in the future, you need to understand who got hacked in the past. Cyber security is a constantly evolving threat to any organization, and even individuals.

Make sure to check out a couple of pieces of content to gain a better understanding of cyber security, and how cyberattacks are carried out.

• The Ultimate Guide to Corporate Cyber Security– Cyber security can be confusing, but after reading our article you’ll be in the clear and ready to stay safe.
• How Does a Cyber Attack Work?– Hacking and cyberattacks are threats that should concern every company. Here’s how they work.
• What is the Worst Case Scenario for Cyber Attacks?– Cyberattacks can have serious implications at the individual, company, and country-wide level.

After reading these pieces of content you’ll understand how cyber security works and get a better idea of how these weekly cyberattacks are working. Only by being equipped with the right information can any organization hope to protect themselves against the constant threats out there.

Each week we’ll be sure to get you the information so you know what cyberattacks are going on around the country and around the world.

This week includes:

• Capcom hacked, 350,000 records stolen which include addresses, phone numbers, email, and birth dates=
• Superior Court of Justice Brazil has systems go down following cyberattack
• Akropolis cryptocurrency lender loses $2 million in hack
• And more!

Click here to find out who got hacked this week, November 16, 2020.

The post Who Got Hacked This Week? November 16 Edition appeared first on My TechDecisions.