Tag Archive for: pandemic

Ransomware attacks could reach ‘pandemic’ proportions. What to know after the pipeline hack.

/in


A cybersecurity expert warned U.S. lawmakers last week that the world was on the cusp of a “pandemic of a different variety.”



An "Out Of Service" bag covers a gas pump as cars continue line up for the chance to fill their gas tanks at a Circle K gas station near uptown Charlotte on May 11, 2021, following a ransomware attack that shut down the Colonial Pipeline. (Photo by Logan Cyrus / AFP)

© Logan Cyrus/AFP/Getty Images
An “Out Of Service” bag covers a gas pump as cars continue line up for the chance to fill their gas tanks at a Circle K gas station near uptown Charlotte on May 11, 2021, following a ransomware attack that shut down the Colonial Pipeline. (Photo by Logan Cyrus / AFP)

Christopher Krebs, who formerly headed the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, testified Wednesday before the House Committee on Homeland Security that a form of malware called ransomware has become more prevalent than ever before. Given an ever-widening criminal enterprise and vulnerable digital landscape, he said, critical infrastructure is at risk of debilitating attacks.

Loading...

Load Error

Two days later, Colonial Pipeline, a major fuel pipeline connecting the East Coast, was hit in the largest known hack on U.S. energy infrastructure.

The incident, which instigated a shutdown of the pipeline, a panic-buying spree for gas and a price jump at the pump over the weekend, is one of the latest in a string of crippling ransomware attacks orchestrated by extortionary criminal organizations that mostly operate in foreign safe havens outside the grasps of America’s criminal justice system.

Experts say continued ransomware threats are inevitable, calling on businesses and governments to ramp up efforts to secure their online networks.

“Cybercriminals have been allowed to run amok while governments have mainly watched from the sidelines, unclear on whether cybercrime is a national security-level threat,” Krebs told lawmakers. “If there was any remaining doubt on that front, let’s dispense with it now: too many lives are at stake.”

What’s a ransomware attack?

Ransomware, a malicious computer code that hackers deploy to block an organization’s access to their own computer network to extort a ransom, is one of the most common forms of malware, experts say.

Hackers may barrage employees with phishing emails, convincing the user to download a file or visit an infected…

Source…

Cyber threats rise amid chaos of pandemic | News

/in


BOSTON — With local governments, schools and businesses using the internet to stay connected during the pandemic, hackers have been busy at work trying to exploit weaknesses in computer systems to steal money and personal information.

The Federal Bureau of Investigation’s Internet Crime Complaint Center logged 791,790 complaints of suspected internet crimes last year — an increase of more than 300,000 complaints from 2019. Reported losses exceeded $4.2 billion.

Topping the list of cyber crimes last year were computer “phishing” scams, non-payment/non-delivery scams and internet-based extortion, the agency said.

The FBI reported more than 12,000 victims of cyber crimes in Massachusetts last year, with losses topping $118 million.

“The bad guys have figured out how to make this into a business,” said Stephanie Helm, director of the MassCyberCenter at the Mass Tech Collaborative, which advises businesses and local governments on cyber security.

Helms said businesses, local governments and health care facilities, have become an increasingly popular targets for cyber criminals amid the pandemic.

The attacks range from malware, ransomware and email phishing scams, to old-fashioned con games using the internet to trick people out of their money.

The state Registry of Motor Vehicles is still reeling from a recent cyber attack that shut down its vehicle emissions system network.

Locally, Lawrence, Methuen and Haverhill city halls have reported coming under cyber attacks in the past year.

School districts have also come under attack in the past year, Helms said.

“Not only have they been targeted for ransomware but sometimes it was denial of service attacks that have shut down remote teaching classes,” she said.

Many other hacking attacks have preyed on people’s sense of loneliness throughout the pandemic, particularly the elderly who have been isolated at home or in long-term care facilities, she said.

The FBI data for Massachusetts shows that victims of cyber crimes 60 and older were more affected than other age groups last year. The agency reported…

Source…

Global Email Security Market Forecast Report 2021-2025: New Malware Techniques Drive Market Growth as Organizations Accelerate Cloud Migration Due to the COVID-19 Pandemic – ResearchAndMarkets.com | Business

/in


DUBLIN–(BUSINESS WIRE)–Apr 23, 2021–

This research service analyzes the global email security market.

Email remains the number one threat vector. It is the primary mode of corporate communication and the de facto standard for B2B and B2C communications. During the COVID-19 pandemic, email continues to be the chief channel for business communication, and this trend is driven by the surging trend of working from home.

Over the past few years, the complexity and the volume of threats have increased significantly. Email-based threats have become big business; specific verticals and individuals within organizations are targeted. Threat vectors continue to evolve, and the need for secure email has never been stronger. Attackers are more focused on people and less on systems. Business email compromise (BEC) fraud continues to affect organizations, both large and small. Consequently, traditional security solutions that are designed to protect systems and infrastructure are now inadequate.

Sophisticated and highly targeted email-borne attacks are on the rise, and many of these attacks use social engineering techniques. For businesses of all sizes, this is a serious problem as the legitimate communication channel they rely on extensively, email, is also the channel of choice to deliver malware and malwareless attacks. Advanced attacks combine email and cloud accounts. Cybercriminals are also leveraging pandemic-driven fears and uncertainties to launch their attacks.

The most significant trend in the market is the acceleration of the migration to the cloud. Customers are adopting cloud-based mailbox services and moving their email security to the cloud from on-premise appliances. The substantial adoption of Microsoft Office 365 has caused the biggest loss of email security posture for organizations.

As a result, organizations are looking for integrated solutions to increase operational efficiencies while gaining stronger and more comprehensive security. In such a competitive environment, email security vendors must be able to differentiate themselves.

  • Executive Summary – Market Engineering Measurements
  • Executive Summary – CEO’s Perspective
  • Introduction to the…

Source…

Bad Bot Report 2021: The Pandemic of the Internet

/in


The 8th Annual Bad Bot Report is now available from Imperva. Created using data from Imperva’s Threat Research Lab, it provides a comprehensive look at the bad bot landscape and the impact that this malicious traffic has across multiple industries.

Bad bot traffic amounted to 25.6 percent of all website traffic in 2020. This means that a record-breaking quarter of all internet traffic originated from bad bots last year.

Bad Bod Report Fig 1

Key findings from the 2021 Bad Bot Report:

Bad bot traffic now accounts for a quarter of all internet traffic. Increasing by 6.2 percent from the previous year, bad bot traffic now represents no less than a quarter of all internet traffic. Good bot traffic has risen 16 percent from last year, amounting to 15.2 percent of all traffic. Astoundingly, regardless of the increase in human traffic due to the global pandemic, human traffic decreased by 5.7 percent from last year to 59.2 of all traffic.

Telecom and ISPs were hit the hardest by bad bots. The bad bot problem is a cross industry one. Due to the wide variety of nefarious activities bad bots are capable of, such as account takeover using credential stuffing, to scraping of proprietary data, Grinchbots and more, their targets are varied, too. The top 5 industries with the most bad bot traffic include Telecom & ISPs (45.7%), Computing & IT (41.1%), Sports (33.7%), News (33%), and Business Services (29.7%).

Moderate and sophisticated bad bots still constitute the majority of bad bot traffic. Categorized as Advanced Persistent Bots or APBs, these accounted for 57.1 percent of bad bot traffic in 2020. These are plaguing websites and often avoid detection by cycling through random IP addresses, entering through anonymous proxies, changing their identities, and mimicking human behavior.

Bad bots have taken a liking to mobile identities. While Chrome remains a favorite identity for bad bots to impersonate, its overall share significantly dropped in 2020. Mobile clients like Mobile Safari, Mobile Chrome and others accounted for 28.1 percent of all bad bot requests in 2020. This is a significant increase compared to last year’s 12.9 percent.

Bad bots often originate from the same country they…

Source…