Tag Archive for: Cyberthreats

Dealing squarely with cyberthreats | The Manila Times

/in


DISTRIBUTED Denial of Service (DDoS) attacks have unfortunately proliferated at an exponential rate over the years — with more than 9.75 million separate attacks carried out in 2021. These threats impose a heavy toll on enterprises far beyond the financial cost of the ransomware — loss of revenue during downtime, reputation damage, legal repercussions from security negligence and potential exposure to larger cyberthreats.

Against this backdrop, Richard Yew, senior director Product Management for Security, Edgio, shares with The Manila Times deeper insights on mitigating cyberattacks, the latest trends in the application security space and building up cyber resilience in the face of rapidly evolving threats.

The Manila Times (TMT): Why do DDoS attacks persist? What are the opportunities that have arisen for these attacks in 2021 and what are the “holes” in the defenses of enterprises particularly among micro, small and medium enterprises (MSMEs)?

Richard Yew (RYW): Cybersecurity is all about protecting the confidentiality, integrity and availability (collectively known as the “CIA” triad) of system and data. DDoS attacks continue to be the most effective means of compromising the availability of the victim’s online presence, by causing anything between performance issues and complete outage.

Some pertinent reasons why DDoS attacks persist, and even increase in frequency and size in the last few years, include:

Get the latest news


delivered to your inbox

Sign up for The Manila Times’ daily newsletters

By signing up with an email address, I acknowledge that I have read and agree to the Terms of Service and Privacy Policy.

Cheap botnet and DDoS-for-hire services. The barrier of entry to launch DDoS attacks has never been lower, while the adverse impact on business is immensely significant.

Proliferation of IoT. An increase in the number of smart devices means that it’s now easy for an attacker to acquire a large botnet to launch a massive DDoS attack.

Financial motivation. DDoS ransom is a very effective way to get immediate…

Source…

The Acronis cyberthreats report 2022 reveals ongoing malware pandemic – Middle East & Gulf News

/in


Acronis, a global leader in cyber protection, recently released its annual Acronis Cyberthreats Report, the 2022 version, providing an in-depth review of cybersecurity trends and threats worldwide.

The report warns that managed service providers (MSPs) are particularly at risk, with more of their own management tools, such as PSA or RMM, used against them by cybercriminals, and thus are becoming increasingly vulnerable to supply chain attacks.

Supply-chain attacks on MSPs are particularly devastating since attackers gain access to both their business and clients, as seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021.

The report also shows that during the second half of 2021, only 20% of companies reported not having been attacked, as opposed to 32% last year.

Key trends of 2021 and predictions for 2022

Beyond the growing efficiency of cybercriminals and the impact on MSPs and small businesses, the Acronis Cyberthreats Report 2022 shows:

  • Phishing remains the main attack vector. 94% of malware gets delivered by email, using social engineering techniques to trick users into opening malicious attachments or links. just this year, Acronis reported blocking 23% more phishing emails and 40% more malware emails in Q3, as compared with Q2 of the same year.
  • Phishing actors develop new tricks, move to messengers. Now targeting OAuth and multifactor authentication tools (MFA), these new tricks allow criminals to take over accounts. To bypass common anti-phishing tools, they will use text messages, Slack, Teams chats and other tools for attacks such as business email compromise (BEC).
  • Ransomware is still the #1 threat. High-value targets include the public sector, healthcare, manufacturing, and other critical organizations. Ransomware continues to be one of the most profitable cyber attacks these days. Acronis predicts ransomware damages will exceed $20 billion before the end of 2021.
  • Cryptocurrency among the attackers’ favorite playing cards. Info stealers and malware that swaps digital wallet addresses are the reality today. We can expect more such attacks waged directly against smart contracts in 2022. Attacks against Web 3.0 apps will also occur more…

Source…

US government taking creative steps to counter cyberthreats :: WRAL.com

/in


By ERIC TUCKER, Associated Press

WASHINGTON — An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed “judiciously” in the future as the Justice Department, aware of privacy concerns, develops a framework for its use, a top national security official said Wednesday.

The department this month announced that it had obtained a warrant from a federal judge in Texas to remove web shells, or malicious code that gives hackers a foothold into networks, from hundreds of vulnerable computers affected by a hack that Microsoft has blamed on a group operating from China.

The FBI operation was designed to disrupt the effects of a hack that affected an untold thousands of servers running the Microsoft Exchange email program. Many victims took steps on their own to safeguard their systems, but for those that who did not, the Justice Department stepped in to do it for them with a judge’s approval.

It was the virtual equivalent of police going around the neighborhood locking doors that criminals had opened remotely.

“We have a decision to make, which is are we going to go ahead and do that action ourselves or are we just going to leave that malware there, sort of unremediated,” said Assistant Attorney General John Demers, speaking at a virtual discussion hosted by the Project of Media & National Security at George Washington University.

He said the operation was one of the very first of its kind and was discussed extensively beforehand by the FBI and the Justice Department. The department is figuring out how it plans to use the tool in the future.

“We don’t yet have sort of worked out what our criteria are going to be going forward,” Demers said. “Now that we’ve had this experience, that’s the kind of discussion we’re having internally now.

“This is not a tool of first resort that we’re going to be using a couple times a week as different intrusions come up,” he added. “This does require working with the private sector on the right solution. It does require testing to be sure that…

Source…

Fight to foil cyberthreats intensifies

/in


The rise of cyberthreats has alarm bells ringing for corporations and individuals seeking protection. (Photo by Wichan Charoenkiatpakul)
The rise of cyberthreats has alarm bells ringing for corporations and individuals seeking protection. (Photo by Wichan Charoenkiatpakul)

Cybersecurity has become paramount for businesses and individuals as digital transformation, internet usage and digital asset values are skyrocketing.

Thailand encountered more than 20 million cyberthreats last year, according to global cybersecurity company Kaspersky.

Kaspersky Security Network (KSN) reported its products detected 20,598,223 different internet-borne cyberthreats on computers using KSN items in Thailand last year. Some 28.4% of Thai users were at risk of infection from online threats last year.

Thailand ranked 87th worldwide when it comes to the dangers associated with surfing the internet. Among its Asean peers, the Philippines was sixth, Malaysia seventh, Vietnam 19th, Indonesia 66th and Singapore 154th.

For web threat detections against consumers and businesses, data shows 2.7 million detections on consumer products and 856,000 detections on corporate products in Thailand.

Thailand ranked fifth in Asean for highest level of consumer detection, and third for highest level of business detection.

Kaspersky said its products detected 49.9 million local incidents on computers using KSN items in Thailand, ranking 70th worldwide.

The share of incidents caused by servers hosted in Thailand stands at 0.01%, which represents 273,458 incidents.

Thailand ranks 56th in this category worldwide.

The firm’s new report titled “Mobile Malware Evolution 2020” also shows 28,861 mobile malware detections in Thailand last year, ranking the country 44th in this category globally.

RISKS FACING COMPANIES

“The pandemic has blurred the lines dividing corporate defence and home security,” said Yeo Siang Tiong, general manager for Southeast Asia of Kaspersky.

“Remote work, online classes and digitalisation across all sectors will continue, at least during 2021, and it is high time for all shapes and sizes of businesses to understand online threats, even against individuals, should be considered as risks against companies.”

Mr Yeo said several incidents in the form of scams…

Source…