Tag: priority | SpinSafe

Only 23% of board members consider ransomware their top priority

March 3, 2022/in Internet Security

A security logo is shown on screen during a keynote address at the Consumer Electronics Show on Jan. 7, 2016, in Las Vegas. (Photo by Ethan Miller/Getty Images)

Research from Egress on Wednesday found that only 23% of board members consider ransomware their top priority.

The software company said it’s a major concern because according to the survey, 59% of organizations fell victim to ransomware and a staggering 84% of organizations were victims of phishing, even though 98% of companies offer anti-phishing training to the staff.

“Cybercriminals continue to leverage sophisticated social engineering attempts to catch users at a weak moment and gain access to the sensitive data they’re seeking,” said Jack Chapman, vice president of threat research at Egress. “The results of this study show that cybersecurity training is limited in its effectiveness and it’s a big ask for people within an organization to be constantly vigilant to phishing threats”

It’s incredibly concerning that only 23% of board members see ransomware as a major threat to their organizations, said Hank Schless, senior manager, security solutions at Lookout. Schless said this might happen because board members think about these events in terms of what can have the most impact on the business. However, a successful ransomware attack can be detrimental to the existence of any organization.

“Everyone needs to understand the connection between security and business continuity,” Schless said. “Today, when entire organizations run on cloud-based infrastructure, everything about the business relies on having secure systems. The commercialization of ransomware and the emergence of the Ransomware-as-a-Service market have made these attacks much more viable for less sophisticated hackers. This will only increase the number of ransomware attacks organizations face.”

John Bambenek, principal threat hunter at Netenrich, said business leaders are in business to make money and they view security as a cost center, ironically even for security companies.

“Part of this number is complacence,” Bambenek said. “Like car insurance, no one thinks accidents will happen to them until they do. Part of it is the idea…

Source…

Q2 Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority

July 23, 2021/in Mobile Security

If you had told us at the beginning of 2021 that then President elect Biden would be having a nose to nose face off with Putin over ransomware, we would have speculated that some serious escalation must have occurred. In reality, the lackadaisical indifference of one threat actor (DarkSide) set off a compounding series of events that have led us to where we are today. Given the volume of attacks that Ransomware-as-a-service (RaaS) groups conduct, and the de minimis diligence that these groups perform, we are quite certain that the DarkSide affiliate that attacked Colonial Pipeline, had no idea that a) Colonial controlled 45% of the gasoline supply on the US east coast, b) that shutting down that pipeline would cause a consumer run on gasoline, c) that NOTHING gets voters and their duly elected representatives out of their chairs like rising gasoline prices, and finally d) that if you mess with US gasoline prices, you are going to get the attention of the President. Other high profile attacks that would have otherwise garnered 12 hours of media attention were (FINALLY) codified proof that the US indeed has a major problem with ransomware.

In reality, the volume and severity of ransomware attacks have been extreme but relatively stable for at least 18 months. The focus and attention could not come at a better time, and the true scope of what US organizations and enterprises are up against may still not be fully appreciated. Ransomware groups now have operating budgets that may rival small nations themselves. For context, in late June, FBI Director Christopher Wray requested an additional $40 million for the FBI’s cybersecurity budget. Coveware estimates that REvil alone may have collected close to $100 million in ransom payments in just the first 6 months of 2021. And that is one group. A note to anyone in Congress reading this, please add at least one zero to Director Wray’s requested cyber budget. What will these groups do with these war chests? So far, we are seeing signs that some groups are moving up market and purchasing more expensive…

Source…

Smishing – what is it? And why should it be a top priority for CISOs?

June 21, 2021/in Mobile Security

Anyone who uses a smartphone has likely been the target of at least one smishing attack. Short for SMS phishing, smishing is an increasingly popular choice of attack vector, where the user is deceived into downloading virus or malware onto their mobile devices.

Smishing as a form of attack is of particular concern as people are trusting and responsive to text messages rather than email. Only 1 in 4 emails are opened by consumers, whereas 82 percent of text messages are read within five minutes.

Like phishing, smishing tries to trick users into giving up valuable information, such as bank login credentials, by convincing the recipient that the message has come from a trusted source. While these types of scams have been exploiting email accounts for decades, cybersecurity professionals should be worried about the dramatic rise in smishing attacks over the past couple of years.

High alert

Recently, a fraud alert was exposed involving fake texts from the NHS telling people they were eligible for their Covid-19 vaccination. This URL then took users to a convincing, yet false, NHS website that asked for personal details – unfortunately, these types of scams are exposed daily and are ever-increasing.

Even before the era of Covid-19, approximately 81 percent of organizations said their employees had experienced a smishing attack on their mobile devices. In 2020, after intermittent lockdowns were put in place around the world, smishing attacks proliferated exponentially. One study found that between March and July 2020, these attacks increased by an alarming 29 percent.

Why are people more vulnerable to smishing now?

Although phishing attacks have been around forever, there are at least a few reasons why smishing is more worrisome for IT security today:

It’s far easier to block email phishing on corporate-owned PCs, but today’s remote workers are now using their personal devices to access corporate apps and data. And frankly, there’s just no straightforward way to verify the authenticity of URLs on smartphones, so users often just click and hope for the best.

As of 2020, 2.8 billion users around the world now carry smartphones. The devices are literally everywhere,…

Source…

Exclusive: U.S. to give ransomware hacks similar priority as terrorism

June 3, 2021/in Internet Security

The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters.

Internal guidance sent on Thursday to U.S. attorney’s offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.

“It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, principle associate deputy attorney general at the Justice Department.

Last month, a cyber criminal group that the U.S. authorities said operates from Russia, penetrated the pipeline operator on the U.S. East Coast, locking its systems and demanding a ransom. The hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localized fuel shortages in the southeast.

Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million to regain access, the company said.

The DOJ guidance specifically refers to Colonial as an example of the “growing threat that ransomware and digital extortion pose to the nation.”

“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking,” said the guidance seen by Reuters and previously unreported.

The Justice Department’s decision to push ransomware into this special process illustrates how the issue is being prioritized, U.S. officials said.

A person fills a fuel container at a Shell gas station, after a cyberattack crippled the biggest fuel pipeline in the country, run by Colonial Pipeline, in Washington, D.C., U.S., May 15, 2021. REUTERS/Andrew Kelly/File Photo

“We’ve used this model around terrorism before but never with ransomware,” said Carlin. The process has typically been reserved for a short…

Source…

Tag Archive for: priority

Only 23% of board members consider ransomware their top priority

Q2 Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority

Table of Contents

Smishing – what is it? And why should it be a top priority for CISOs?

Exclusive: U.S. to give ransomware hacks similar priority as terrorism