Tag Archive for: rise.

Ransomware Attacks on the Rise Globally and in Israel

/in


Ransomware attacks are becoming increasingly common globally, including in Israel. The recent attack on the Mayanei Hayeshua hospital did not come as a surprise to Bobi Gilburd, Chief Innovation Officer at Team8 and former commander of the 8200 unit’s Cyber Center. Gilburd explains that the key difference lies in an organization’s response and recovery. While some businesses are severely impacted and may even be forced to close, others are able to recover swiftly.

According to Gilburd, ransomware attacks are on the rise, in part due to the introduction of generative artificial intelligence. He emphasizes that the answer to AI-driven attacks is AI itself. Gilburd encourages the use of AI-enhanced security products to counter evolving threats.

Ransomware attacks are widespread globally and are not specifically targeted at certain institutions. Attackers use malware to scan thousands of websites for vulnerabilities. While most attempts may fail, a small percentage may succeed. When conducted on a large scale, these attacks can affect numerous sites.

The attacks often start with phishing, where employees are tricked into opening malicious emails or visiting malicious websites. Education can help prevent such attacks by teaching people how to identify unusual elements in emails. Automatic tools can also block such emails at the corporate level.

If an employee falls victim to a phishing attack, automatic protection products play a role in detecting unusual domain requests and halting the attack. However, in some cases, these defense mechanisms may fail due to outdated or insufficiently powerful products or the exploitation of zero-day vulnerabilities.

When the attack successfully infiltrates the network, protection products within the network should prevent movement between computers and unauthorized access. In the case of Mayanei Hayeshua, this defense mechanism appears to have failed, leading to the widespread spread of the attack.

Once the attack is noticed, affected computers become unresponsive, and the ransomware spreads from one computer to another, encrypting databases. This process can take hours, providing an opportunity to halt the attack by shutting down the server and…

Source…

What Causes a Rise or Fall in Fresh Zero-Day Exploits?

/in


Governance & Risk Management
,
Patch Management

Google Report Lauds Transparency and Researchers, Warns Against Incomplete Fixes

Mathew J. Schwartz
(euroinfosec)


July 31, 2023    

What Causes a Rise or Fall in Fresh Zero-Day Exploits?
Image: Shutterstock

Why are so many fresh zero-day vulnerabilities getting exploited in the wild?

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense


A new study from Google says that last year, 41 new zero-day vulnerabilities were exploited in the wild. While that’s welcome news in terms of recent volume – it’s a 40% decrease from the all-time annual high of 69 in 2021 – it’s still well above the annual average compared to 2015 onward.


Zero-day vulnerabilities are dangerous because they allow attackers – who are oftentimes spies but sometimes criminals – to amass victims, frequently without the victims becoming aware until it’s too late. But simply counting the number of zero-day flaws that are found every year isn’t a guide to whether things are getting better or worse, and also cannot account for how many zero-day exploits are being used in the wild but haven’t yet been detected by the “good guys.”


One reason so many zero-day flaws were discovered last year – over the average since 2015 – is likely thanks in part to vendors being more transparent, said Maddie Stone, a security researcher with Google’s Threat Analysis Group, in a blog post.


Unfortunately, 40% of the new zero-days discovered were variations on zero-day vulnerabilities vendors had already patched. Sometimes, vendor fixes were part of the problem because they added new, exploitable flaws to the code base.


“The…

Source…

Vijayasai expresses concern over rise in cybercrimes in rural areas

/in


Update: 2023-07-22 08:31 IST

Vijayawada: Union Minister of Electronics and Information Technology Ashwini Vaishnaw said that State governments are responsible for the prevention, investigation of cyber crimes through police departments including in training the police personnel and upgrading their technical knowhow to investigate and crack such crimes.

Replying to a question raised by YSRCP MP V Vijayasai Reddy in Rajya Sabha on Friday on increasing cyber crimes in rural India and cyber attackers targeting rural population with less awareness, the Union Minister said a toll free number 1930 was set up by the Central government.

He said a Cyber Crime Coordination Centre under the Ministry of Home Affairs has been designated as the nodal point in the fight against cyber crime. In addition CY Train portal was developed by Cyber Coordination centre for the capacity building of police officers.

The Union Minister said Cyber Swachhta Kendra-Botnet cleaning and Malware analysis centre operated by Indian Computer Emergency Response Team (CERT-In) has been established. The centre works in coordination and collaboration with Internet service providers, academia and Industry.

The centre facilitates detection of malicious programmes and free tools to remove the same for common users.

Source…

Alarming rise in ransomware attacks on education: Sophos

/in


Leading cybersecurity firm Sophos has shed light on the alarming increase in ransomware attacks targeting the education sector.
Sophos report on recovery cost in educationThe report titled The State of Ransomware in Education 2023, based on a survey of 400 IT / cybersecurity professionals across 14 countries, unveils the real-world experiences of educational institutions in the face of cyber threats.

Spike in Attacks and Data Encryption

The survey findings revealed a stark rise in ransomware attacks on educational institutions. The education sector reported the highest rates of ransomware attacks among all industries surveyed. An alarming 80 percent of lower education providers and 79 percent of higher education providers reported falling victim to ransomware attacks in 2023. This represents a significant surge from the previous year, with rates more than doubling since 2021, when only 44 percent of education providers faced such attacks.

Additionally, data encryption in the education sector has seen a steady increase. Lower education providers reported an 81 percent rate of data encryption, while higher education institutions reported a rate of 73 percent, remaining consistent with the previous year.

“Double Dip” Method and Data Recovery

One worrying trend is the increasing prevalence of the “double dip” method, where cybercriminals not only encrypt the data but also steal it for potential data exfiltration. Of the lower education organizations that experienced data encryption, 27 percent reported that their data was also stolen. In higher education, this figure rose to 35 percent, indicating a growing adoption of this malicious tactic.
Sophos report on ransomware in education sector 2023The ability to recover encrypted data is crucial for organizations facing ransomware attacks. Fortunately, all higher education institutions and 99 percent of lower education organizations were successful in recovering their data. Notably, the recovery rate for the education sector surpasses the cross-sector average, indicating a degree of resilience in the face of such threats.

Root Causes of Attacks

The report also identified the root causes behind the ransomware attacks. For lower education, compromised credentials (36 percent) and exploited…

Source…