Tag Archive for: organization

Defending Your Organization Against Ransomware


Every day, coordinated cybercriminal groups are developing more advanced skills to hack organizations’ networks. The number of ransomware attacks has increased significantly, and it’s getting easier for sophisticated cybercriminal gangs to access companies’ data. As ransomware attacks become more refined and organizations are under rising threat, the stakes are high. In fact, ransomware attacks could cost businesses as much as $250 billion per year globally by 2031, compared with only $20 billion in 2021, a 13X increase in 10 years.

Despite this, many companies don’t seem concerned about the risk they’re exposed to. This trend of ‘cyber apathy’ means that only 15% of IT leaders are currently prepared to face a ransomware attack. Business leaders must understand that all organizations are a potential target for cyberattackers. The question is not whether a business will face an attack but when.

And the consequences of an attack can be immense. For example, a company may have to stop all activity for between 20 and 30 days on average, which leads to an enormous waste of time and money. From our experience, ransomware attacks may lead to a daily loss of £274,000 in revenues for an organization making £100 million in profits every year. The only way to resume activity and prevent a huge financial loss is to pay up. In the UK, over 80% of businesses pay ransomware demands, making it the country most likely to pay cyberattackers in the world.

But as long as businesses pay, the vicious cycle will continue; cybercriminal groups will keep making profits from conducting ransomware attacks. Companies must react and focus on developing defense strategies to stop bad actors in their tracks.

Understanding Cybercriminal Organizations

Ransomware has become very lucrative, offering full-time jobs to thousands of individuals around the world. People are hired to conduct reconnaissance and ensure attacks are perfectly coordinated to leave businesses no other choice than to spend millions to protect their own and their customers’ data, financials and reputations.

Everyone has a very specific role when it comes to performing attacks. Sophisticated cybercriminal groups can be made up of…

Source…

As NATO celebrates 74th anniversary, Royal Navy a crucial ally of the organization — MercoPress


Tuesday, April 4th 2023 – 21:38 UTC


Relations between the Royal Navy and NATO have ‘never been closer’ as the alliance marks 74 years since its creation this month amid continued global instability. British warships spent nearly 10,000 hours – 60 weeks – on NATO operations in 2022 and that pace has continued unabated in the first four months of 2023.

The Royal Navy is at the heart of galvanized NATO efforts as Russia’s unprovoked war in Ukraine continues, securing Europe’s crucial waterways and chokepoints for the prosperity of allies and partners.

“While the Royal Navy has always supported NATO maritime operations, since the illegal invasion of Ukraine by Russia over a year ago, we have worked even more closely with our NATO allies at sea,” said Deputy Assistant Chief of Staff at the Maritime Operations Centre in Northwood, Captain Steve Banfield.

“Collaboration between NATO and the RN has never been closer; in particular in the execution of coordinated Maritime Security operations and exercises in the Norwegian Sea, North Sea, Baltic and the Mediterranean.”

From the freezing Arctic and Baltic, to the endless grey of the North Atlantic and azure waters of the Mediterranean, Royal Navy warships, submarines and aircraft have operated side by side with allies and partners so far in 2023, supporting peace and prosperity in Europe.

Patrol ship HMS Mersey recently operated in the Baltic to ensure the security and stability of the region as part of the Joint Expeditionary Force, a multinational defense framework complementary to NATO which is committed to Euro-Atlantic security with the Baltic region as one of its focus areas.

Amphibious flagship HMS Albion, HMS Somerset and RFA Mounts Bay have just returned from the Arctic where they were at the heart of an allied task group working on Norwegian security and NATO’s ability to protect its northern flank. 

Elsewhere in the Arctic Circle, Royal Marines and Commando…

Source…

How internet-facing webcams could put your organization at risk


By exploiting webcams and other IoT devices, hackers can spy on private and professional conversations, potentially giving them access to sensitive information, says BitSight.

Imagine a cybercriminal hacking into an internet-facing webcam set up in your organization and spying on a meeting, a manufacturing process or an internal training session. Then imagine what that person could do with the information they obtained. That’s exactly the scenario laid out by cyber risk company BitSight.

For a new report about insecure IoT devices, BitSight discovered that one in 12 organizations with internet-facing webcams or similar devices failed to properly secure them, leaving them vulnerable to video or audio compromise. Specifically, 3% of organizations tracked by BitSight had at least one internet-facing video or audio device. Among those, 9% had at least one device with exposed video or audio feeds, giving someone the ability to directly view those feeds or eavesdrop on conversations.

Which organizations are most at risk to this hacking?

The organizations analyzed included ones in the hospitality, education, technology and government sectors. Out of these, the education area was at the greatest risk, with one in four using internet-facing webcams and similar devices susceptible to video or audio compromise.

Further, Fortune 1000 companies suffered the greatest exposure, including a Fortune 50 technology subsidiary, a Fortune 100 entertainment company, a Fortune 50 telecommunications company, a Fortune 1000 hospitality company and a Fortune 50 manufacturing company.

Which devices were analyzed in this cyber risk survey?

Most of the devices analyzed by BitSight use the Real-Time Streaming Protocol to communicate over the internet, though some use HTTP and HTTPS protocols. With RTSP, users can send video and audio content and run commands to record, play and pause the feed.

Though many of the devices examined for the report were webcams, the analysis also included network video recorders, smart doorbells and smart vacuums. Some devices were actually set up for security purposes.

Why the devices are at risk of being hacked

Source…

Ransomware Attack Impacts Health Services Organization in Pennsylvania


The incident may have compromised patients’ and employees’ Social Security numbers, driver’s license numbers, and financial information between August 21, 2021, and April 4, 2022.

On January 5, 2023, Maternal & Family Health Services (MFHS) — a private non-profit that serves women, children, and families of Northeastern Pennsylvania — announced the organization was a target of a ransomware attack that may have exposed sensitive data to an unauthorized individual.

In a statement, MFHS said they were made aware of the cybersecurity incident on April 4, 2022, and immediately called in third-party forensic teams to assist in securing the organization’s systems.

Results of an investigation revealed that hackers may have accessed the personal information of current and former employees, patients, and vendors between August 21, 2021, and April 4, 2022.

Sensitive data included, but may not be limited to, names, addresses, date of birth, driver’s license numbers, Social Security numbers, financial account/payment card information, usernames and passwords, health insurance information, and medical information.

However, MFHS reports no evidence that any compromised personal information was misused due to the attack.

The organization began sending letters on January 3, 2023 via U.S. mail to individuals who the data breach may have impacted — almost nine months after first becoming aware of the attack. The letter relayed information about the incident and steps individuals can take to protect their personal data.

These steps include monitoring personal accounts through credit reporting bureaus like Equifax, Experian, or TransUnion and placing fraud alerts on accounts if necessary. MFHS also recommends that individuals contact the Federal Trade Commission or their state Attorney General to learn more about protecting personal information, identity theft, or filing a complaint.

In addition, the non-profit created a phone hotline for people with questions concerning the ransomware attack. Call center agents are available at (833) 896-7339, Monday through Friday, from 9:00 am – 9:00 pm Eastern Time.

In a news release, Maria Montoro Edwards, Ph.D., President & CEO of MFHS, said,…

Source…