Posts

The Cybersecurity 202: Global losses from cybercrime skyrocketed to nearly $1 trillion in 2020, new report finds


The report underscores the growing dangers that ransomware attacks by foreign criminal enterprises posed to American industries. Lawmakers have been deeply concerned about the impact of such attacks, including on the financial and health-care sectors, in the pandemic. 

The coronavirus inspired an unprecedented number of online scams preying on the fears of both consumers and businesses – and a mass migration of employees to remote work created a perfect storm. 

When workers move to home environments, they are essentially becoming their own I.T. support, said Steve Grobman, senior vice president and chief technology officer at McAfee. It’s really about understanding that this is a different environment and building a security strategy to effectively defend it.

This is their fourth such report on global cybercrime. It “surveyed publicly available information on national losses, and, in a few cases, we used data from not-for-attribution interviews with cybersecurity officials,” the report said. 

The increase in cybercrime stems in part from the dramatic shift in the threat landscape in just the past two years, said Grobman, as hackers move from targeting specific machines or users to whole organizations, using human operators to make the attacks even more effective.

The reason that is so costly to organizations is it’s much more difficult to investigate and recover when an organization doesn’t necessarily know the full scope of a cyberattack and therefore has to do a much more in-depth investigation, he says. Global spending on cybersecurity is expected to exceed $145 billion in 2020, researchers note. 

Not all cyberattacks are successful at stealing money. But they can still have devastating impact. 

The average ransomware attack knocks a company’s systems offline for 18 hours more than enough time to have serious consequences for productivity. 

Most of the incidents are not always successful in the sense of getting money out, but they’re successful in the sense of disrupting operations, disrupting networks, says the CSIS’s James Lewis, who directed the report. It’s not just your monetary losses in the sense of, you know, ‘they took this cash…

Source…

What to look out for in cybercrime in 2021? New report has some answers


After such a tumultuous year,  internet security company ESET shared a report on what we should look out for in the 2021 digital world. 

ESET’s new report, “Trends in Information Security 2021: Confidence in a Time of Uncertainty” reveals four main challenges expected to affect consumers and businesses in 2021. 

Trend 1: Accepting a new reality at work 

Coronavirus has led to remote work, which relies on technology more than ever before. Working from home has partly benefited employees, however, it has also left corporate networks and organizations more vulnerable to attack. 

ESET’s Security Specialist, Jake Moore, commented that “we have all learned that teleworking can benefit organizations; however, I do not think we will continue to work remotely five days a week in the future. As more and more of our work and home life goes digital, cybersecurity will remain the key to safe business and continuous work.

Trend 2: Ransom with a twist – pay or data will be leaked

Hackers behind ransomware attacks want to find more ways to force victims to pay through intimidation, so the threat for those attacked increases significantly. Extortion and threats may not be new techniques, but they are certainly growing trends.

ESET reported that “companies are becoming smarter, implementing additional technologies that thwart attacks and create flexible backup and recovery processes, so bad actors need another plan of action to be able to succeed. 

Additionally, ESET anticipates that “thwarted attacks and backup and recovery processes may no longer be sufficient to repel a cyber criminal who demands ransom payment. A new threat technique offers cybercriminals a greater chance of return on investment. This is a trend that we will unfortunately see in 2021. “

  

Trend 3: Cyber threats are changing

In recent years, hackers have resorted to using more complex techniques to launch more targeted attacks. The information security community has started talking about “file-free malware,” which uses the tools and processes of the operating system and leverages them for malicious purposes. These techniques have gained more power recently, after being used in various cyber espionage campaigns by…

Source…

Canada names China, Russia as key cyber-crime threats


Canada’s electronic spy agency for the first time named countries such as China and Russia as the greatest “strategic threat” to this country, warning they are developing cyber capabilities to disrupt critical infrastructure such as electricity supply.

The Communications Security Establishment (CSE) released its annual threat assessment report Wednesday, identifying China, Russia, North Korea and Iran as the most active nations attempting to steal technology or create divisions within Canadian society.

“During the COVID-19 pandemic, large medical and biopharmaceutical companies in Canada and abroad have been targeted by state-sponsored cyber threat actors attempting to steal intellectual property related to COVID-19 tests, treatments, and vaccines,” CSE said.

Story continues below advertisement

“We assess that it is almost certain that state-sponsored actors will continue attempting to steal Canadian intellectual property related to combatting COVID-19 in order to support their own domestic public health response or to profit from its illegal reproduction by their own firms.”

Since the start of COVID-19, these countries have also gained access to hospitals in Canada and around the world “compromising both IT networks and…imaging products used in the healthcare industry.”

These countries are also developing cyber capabilities to disrupt Canadian critical infrastructure, such as electricity supply, but are unlikely to act in ways to cause major damage unless there is an outbreak of “international hostilities,” the report said.

In a foreword to the report, Defence Minister Harjit Sajjan warned the internet is at a “crossroads” because Russia and China are pushing to change the way it is governed and “to turn it into a tool for censorship, surveillance and state control.”

CSE said Russia and Iran are also active as online trolls, using fraudulent Twitter accounts to highlight divisions in Canadian society over immigration, pipeline politics or terrorism. It cited the January 2017 Quebec City mosque shooting and the June 2019 approval of the Trans Mountain Pipeline expansion project as examples of events that were targeted by trolls.

The…

Source…

Cybercrime To Cost The World $10.5 Trillion Annually By 2025


SAUSALITO, Calif., Nov. 13, 2020 /PRNewswire/ — Cybersecurity Ventures predicts global cybercrime costs will grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015.

This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.

“Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm,” says Steve Morgan, founder of Cybersecurity Ventures and editor-in-chief at Cybercrime Magazine.

“Cybercriminals know they can hold businesses — and our economy — hostage through breaches, ransomware, denial of service attacks and more. This is cyberwarfare, and we need to shift our mindset around cybersecurity in order to protect against it,” says Jack B. Blount, President and CEO at INTRUSION, Inc.

Organized cybercrime entities are joining forces, and their likelihood of detection and prosecution is estimated to be as low as 0.05 percent in the U.S., according to the World Economic Forum’s 2020 Global Risk Report.

“Every American organization — in the public and private sector — has been or will be hacked, is infected with malware, and is a target of hostile nation-state cyber intruders,” adds Blount, who is also the former CIO at the United States Department of Agriculture (USDA).

Blount’s assertion is backed up by some of the nation’s top cyberwarfare and cybersecurity experts, and Fortune 500 chief information security officers, in a roundtable discussion which recently aired on the Cybercrime Radio podcast channel.

Cybersecurity Ventures and INTRUSION, Inc. have partnered on a series of initiatives aimed at providing thought leadership and guidance to CISOs and cybersecurity teams in the U.S. and…

Source…