Year

now browsing by tag

 
 

Cybersecurity #experts #agree — expect more #ransomware this #year

Ransomware is one of the easiest cyberattacks to detect because it comes with an actual ransom note. However, 2017 gave way to new propagation mechanisms, which automated worming and increased infection rates.

Employee-facing services and technologies are a top concern to cybersecurity professionals. About 40% of employees use personal devices to send work emails and share or access company data without the IT department’s oversight.

The bring your own device policy is challenging for IT departments to combat. Ultimately, the policy leads to unintended shadow IT, which is often the Achilles heel of solid security practices.

Negligent employee actions can cost a company about $280,000 per incident. If the cost were not enough, companies need to come to terms with the fact that 64% of security breaches are caused by ignorant employee actions.

To help companies better track the most high-risk employees​, in terms of their cybersecurity incompetencies, vendors like Microsoft are including simulated ransomware or phishing attacks in their services.

Hackers will always take advantage of human error and poor judgment, so it’s up to security teams to educate line of business employees.

advertisement:

The post Cybersecurity #experts #agree — expect more #ransomware this #year appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

9 in 10 #Canadian Companies suffered at least one #cyber security #breach last #year

Source: National Cyber Security News

Canadian companies face almost constant cyber security threats, resulting in a rising number of incidents where sensitive data is stolen, according to the findings of a new study from Scalar Decisions Inc. of more than 420 Canadian IT and security workers.

Released today, the 2018 Scalar Security Study (commissioned by Scalar and conducted independently by IDC Canada) showed that Canadian organizations are attacked in varying degrees of severity more than 450 times per year, with 87% suffering at least one successful breach. Almost half (46%) are not confident in their ability to defend against attacks.

advertisement:

“As cyber security breaches become the new normal, organizations can’t be complacent. Many companies are still reporting gaps in their defences despite hiring full-time security staff, which may point to a deficit in the availability of highly skilled IT workers,” said Theo Van Wyk, Chief Security Architect, Scalar Decisions. “The rising number of high-impact breaches coincides with the increasing costs of recovery.”

The study, examining the cyber security readiness of Canadian organizations and year-over-year trends in handling and managing growing cyber threats, also found:

  • Of the companies that suffered a security breach, 47% had sensitive data stolen.

    Read More….

View full post on National Cyber Security Ventures

Hackers #stole $172 #billion last #year: #Consumers should #avoid these #mistakes

Source: National Cyber Security – Produced By Gregory Evans

Online hackers made out like true bandits in 2017, stealing over $172 billion from people in 20 countries around the world, a new report said.

Norton Cyber Security released its annual insights report and found that 44% of consumers were affected by a cybercrime in the last 12 months with an average victim losing $142.

Read More….

The post Hackers #stole $172 #billion last #year: #Consumers should #avoid these #mistakes appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

#New Year and New #Measures for #Cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

Time for resolution as the New Year approaches, whether we plan for fitness to lose weight or spend quality time with friends and family. Nevertheless, one in ten people manage to stick on to their plan, similarly, one in seven people think about cybersecurity as a priority.

CISOs as it comes into existence to enhance the protection of an enterprise network, system and data devices. As a cybersecurity professional, you will have an easier way to accomplish these goals

1. Cleansing 

Periodic cleansing is a better option rather than keeping it scheduled for your monthly chore. This way you can have an easy way to cleanse it because there will be fewer data during the vacation time. Look for new servers, devices, and apps which were introduced recently. Clean up any potential messes that have accumulated during this course.

2. Promote best practices

We have seen how employees from different professions miss keeping their devices protected due to their being ignorant of the risk of cybersecurity. We have also seen how the major problem of hacking happens due to the ignorant handling of systems. These cases have only helped companies to keep their focus on operating procedures and develop their employees to be tech savvy in the coming year. This way they will know the importance of cybersecurity and start promoting the practices. Educate them on how not to click on unknown links that come in their email inbox, and look for URLs before they actually start doing business on that. There is nothing like rocket science here, but only a few tips on how to keep yourself safe and sound.

3. Sophisticated password management

Looking at the kind of attacks in the recent times, just a password will not make any difference. Users need to come up with more sophisticated password management. Most companies that practice BYOD need to be extra cautious when their employees switch from home to the office network. Strong password in an encrypted database and accessing them through a master key should be the priority.

4. Patch Routers

Keep your routers and systems updated with all the patches in places. This also refers to the IoT systems which are under constant attack. The Internet of thing is vulnerable to such high volume attack. The user needs to be groomed on the way they need to take care of the facilities, and organizations should educate them on the different ways to keep the security under check. Strive to raise awareness and best practices among employees.

Let accept it, the odds are against us and if we try to transform the way we deal with our cybersecurity a lot of things will change. This is not an easy transition and that’s why many of them are not able to stick to their resolution. The above simple steps will go a long way to keep the attacks under check. There will be no better way to start the New Year on a positive note that is to keep it safe and secure.

The post #New Year and New #Measures for #Cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Identity #theft alert: How 77,0000 Canadians lost $99 million last year in #extortion, #phishing and #romance scams

Source: National Cyber Security – Produced By Gregory Evans

Identity #theft alert: How 77,0000 Canadians lost $99 million last year in #extortion, #phishing and #romance scams

Randy Chester was visiting one of his usual second-hand haunts this summer, a Value Village in Toronto’s east end, when he spied a beautiful shirt and vest for $20. Excited about his new finds, he tapped his debit card, only to be shocked by the resulting message: Insufficient funds.

“I was upset because I knew I had money,” he recalls. He tried the card again at a variety store, a restaurant and then at an ATM belonging to his bank, CIBC, and got the same message. When he called the bank to see what was going on, they asked him if he had been shopping at Yorkdale Mall in the city’s north end. There was a $1,500 purchase debited from his account, but Chester, a cancer patient on disability who uses a walker, had been at a medical appointment at the Princess Margaret Cancer Hospital that day.

“It’s like, hello!” he jokes. “Value Village, yes. Yorkdale Mall, no. I couldn’t get there with my walker.”

Then he remembered that a young man had called him on his flip-phone a few days before, claiming to be from CIBC and saying there was a problem with his debit card. Chester knew better than to talk to anyone about his banking information and hung up. The next day, he got a text message, purportedly from CIBC, that had the last four digits of his debit card number in it, and asked him to text back “Y” for yes if it was his account. He assumed because they had his number already, it was legitimate. He hit Y and send.

“The bank told me they would never send a text message,” says Chester, 61. “I didn’t know that.”

Once he reported the problem, the bank locked down his account, reversed the charges, and gave him a new bank card. But it’s impossible to tell how the scammers got his bank information, which is often the case when it comes to identity theft, says Jessica Gunson, the acting call centre and intake unit manager at the Canadian Anti-Fraud Centre in Thunder Bay, Ont.

“It certainly sounds like a variation on phishing,” she says, but notes that it’s unusual because the thief already had Chester’s bank information when he or she sent the text.

“We do know thieves have been known to dumpster dive, and it underlines the importance of having a paper shredder in the home and in the office. We need to treat our personal information like cash.” For that reason, experts advise leaving your Social Insurance Number card and birth certificate in a safe place at home, since thieves can do a lot of damage with your name, birth date and SIN.

The Canadian Anti-fraud Centre, jointly managed by the Ontario Provincial Police, the RCMP, the federal Competition Bureau, manages the central database for fraud complaints. Investigators across the country rely on its vast stores of data to compare notes on mass-marketing fraud and online scams. In 2016, it logged more than 77,000 complaints that resulted in losses of more than $99-million, with the top scams by complaint involving extortion, phishing, and fake computer-service companies. The frauds that resulted in the most money lost were romance scams, at more than $20-million.

Though Gunson could not begin to guess how criminals got Chester’s information, she said it is important never to leave a paper receipt of a transaction in or near the banking machine, and to use online banking to check balances, rather than printing them out at ATMs.

“When it comes to identity theft and identity fraud, the difficulty is in pinpointing the source. Unless (investigators) find a boiler room where people are mass producing ID, it is difficult to determine on an individual basis where it is coming from.”

The good news is most cases of identity theft and identity fraud result in little financial loss to the victims, but Gunson says it takes time and effort to untangle the mess.

In Montreal, actor Paul Burke figures someone used a surveillance camera or fake keypad or card reader to obtain his PIN, which they used to empty his account of $700 in the summer of 2010. He called the bank, which contacted the RCMP. And then he waited.

“ I called them back after a week and I said, ‘I have zero money. I need my money back,” says Burke, 48.

Within a day or two of that call he had the money in his account, but to this day he has no clue what happened.

“It was so bizarre. I consider it a one-off, but obviously I should be more careful.”

The post Identity #theft alert: How 77,0000 Canadians lost $99 million last year in #extortion, #phishing and #romance scams appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

54% of #security #experts anticipate a successful #cyberattack on their #enterprise within the year

Source: National Cyber Security – Produced By Gregory Evans

54% of #security #experts anticipate a successful #cyberattack on their #enterprise within the year

A successful cyberattack on your enterprise may be imminent, and security experts say many companies aren’t doing enough to protect themselves. Increasingly, risks are coming from within.

Ask a cybersecurity expert or hacker to name the weakest link in any security plan and they will inevitably answer “the people.” Just like everything else, security can’t account for the unpredictability of the human factor. In an enterprise setting, employees will circumvent protocols for the sake of convenience, offer bits of information to strangers because they asked nicely, and generally make a mess of any well-laid enterprise-wide cybersecurity plan.

According to the Cybersecurity Trends 2017 Spotlight Report (PDF), 54% of cybersecurity professionals surveyed anticipate a successful cyberattack on their organization in the next 12 months. Some 40% of those professionals also view the lack of employee awareness as a major obstacle to stronger cybersecurity.

With increases in mobility and the adoption of a BYOD culture in the enterprise, 69% of the surveyed cybersecurity professionals are increasingly concerned about data leakage. Another 64% believe their organizations will have to deal with the download of unsafe applications and the introduction of malware stemming from portable storage devices and the like in the next year.

While workforce mobility and the culture of BYOD certainly produce tremendous benefits for modern enterprises, the technology presents a challenging risk for cybersecurity professionals. The only viable approach to overcoming, or at least mitigating, the human factor is to educate employees and establish a comprehensive policy to govern how personal devices, especially portable storage devices, will be introduced to an enterprise network.

TechRepublic’s premium sister site, Tech Pro Research, offers a ready-made Portable Storage Device Policy to help you regulate and secure usage of portable storage devices to help reduce the risks.

The post 54% of #security #experts anticipate a successful #cyberattack on their #enterprise within the year appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year

Source: National Cyber Security – Produced By Gregory Evans

Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year

The past year saw a 2,502 percent increase in sales of ransomware on the dark Web, from just under $250,000 to more than $6.2 million, according to a recent Carbon Black report.

“This increase is largely due to a simple economic principle — supply and demand,” the report states. “Cyber criminals are increasingly seeing opportunities to enter the market and looking to make a quick buck via one of the many ransomware offerings available via illicit economies.”

There are now more than 6,300 dark Web marketplaces selling ransomware, with 45,000 product listings priced from $0.50 to $3,000, and a median price of $10.50.

“Based on our research, ransomware can no longer be perceived as petty criminals performing stick-ups and kidnappings,” Carbon Black security strategist Rick McElroy said in a statement. “Instead, ransomware has become a rapidly growing, cloud-based black market economy focused on destruction and profit.”

“Today, legitimate enterprises avoid heavy investments in infrastruture — and hackers are no different,” McElroy added. “In fact, with ransomware, hackers have set a model for a cloud-based, high-profit and effective turnkey service economy.”

A Growing Threat

A recent Crowd Research Partners survey of 516 cyber security professionals, commissioned by Cybersecurity Insiders, found that while 80 percent of respondents view ransomware a moderate or extreme threat, only a small fraction say they would pay the ransom or negotiate with attackers.

The most common ransomware infection vectors, the survey found, are from employees opening malicious email attachments (73 percent), responding to a phishing email (54 percent), or visiting a compromised website (28 percent).

The most effective way of blocking ransomware, respondents said, is user awareness (77 percent), followed by endpoint security solutions (73 percent) and patching operating systems (72 percent).

Fifty-one percent of respondents are only slightly to moderately confident of their organization’s ransomware defenses, and 39 percent say it would take as long as a few weeks to recover from an attack.

“In many respects, ransomware is a game changer,” Cybersecurity Insiders founder and CEO Holger Schulze said in a statement. “It is incredibly easy and inexpensive for cyber criminals to execute highly profitable attacks on a global scale.”

No Defenses

A separate Magnet Networks survey of 205 companies in Ireland found that fully 48 percent of respondents have no cyber security policy in place. Another 27 percent either said they’re completely unsecure or their security needs tightening.

“We found that only 13 percent of respondents think that their business is very secure — and in the absolute world of cyber attacks you are either totally secure or you are vulnerable in some way,” Magnet Networks cyber security expert James Canty said in a statement.

In 72 percent of companies with under 10 employees, network security is handled either by the business owner, the office manager, or in 9 percent of cases, no one at all.

That means that as many as 171,000 Irish businesses, Canty said, “have no one qualified looking after their network security and may not be protected against a ransomware and cybercrime industry which is growing at a rapid rate.”

Source:

The post Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

WannaCry ransomware was the biggest challenge of the year, says cybersecurity centre

Source: National Cyber Security – Produced By Gregory Evans

The WannaCry ransomware attack was the biggest test of the year for the UK’s new cybersecurity body. The National Cyber Security Centre’s (NCSC) annual review marks a year since it started work, although it was officially opened in February. In those 12 months, the NCSC says 1,131 cyber incidents have…

The post WannaCry ransomware was the biggest challenge of the year, says cybersecurity centre appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybercrime is costing each business a whopping $11.7M a year, report says

Source: National Cyber Security – Produced By Gregory Evans

The cost of cybercrime has risen 62% over the past five years, costing each organization some $11.7 million per year, according to a joint report from Accenture and the Ponemon Institute report released Tuesday. The Cost of Cyber Crime Study, announced in a joint press release, was built on the survey…

The post Cybercrime is costing each business a whopping $11.7M a year, report says appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Tennille Whitaker Elko County teacher arrested after 2 year sex relationships with 2 students

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Tennille Whitaker Elko County, Nevada teacher is arrested after allegedly maintaining sexual relationships with two male students over the course of two years. Also joining the ever expanding legion of female …

The post Tennille Whitaker Elko County teacher arrested after 2 year sex relationships with 2 students appeared first on Become007.com.

View full post on Become007.com