Security News

With the massive surge in ransomware attacks in the last few years, businesses can't afford to ignore the increasing possibility of facing one, and should invest money and effort into crisis management. Practice in crisis management steps requires maximum participation by the organization.

Data projections point to 2021 as another record-setting year on track to surpass 11 million global DDoS attacks. In the wake of Colonial Pipeline, JBS, Harris Federation, Australian broadcaster Channel Nine, CNA Financial, and several other high-profile attacks, the impact of DDoS and other cybersecurity attacks has been felt worldwide.

Bart McDonough: I think when people hear the term financial services? I think that the lay person thinks of banking, and they're right to be concerned about cybersecurity at banks, but candidly, those organizations are really well-equipped. So I think that right there should be a wake-up call to the regulatory bodies, certainly to the industry about the risks that are facing these kind of other financial services.

While a few fraudsters may have turned to deceit because of economic pressures, the coronavirus generally had little to do with fraudster's motives. Means: With contact agents overwhelmed and honest customers distressed, fraudsters developed new ploys.

We look into an unnerving case of mixed-up video feeds. We warn you against "Going rogue" when you can't get the download you want from the regular place.

Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic. While COVID-19 caught many businesses off guard, smart executives are already thinking about the next global crisis and what challenges it might present for IT security.

As if the exponential rise in phishing scams and malware attacks in the last five years wasn't enough, the COVID-19 crisis has worsened it further. Many scammers have rolled out campaigns offering COVID-19 vaccines, free medical tests and testing kits, tax rebates for donation to pandemic relief funds, information on COVID-19 cases, and new job opportunities due to the economic downturn.

The pandemic's unprecedented impact on healthcare lay bare the gaping holes in the healthcare industry's cybersecurity defenses. Woods, who has worked for the past 10 years with small hospitals, healthcare focused nonprofits and government entities, added, "If technology goes offline, doctors and nurse practitioners can no longer give the quality of care that they were able to, or to as many people. Right now, with COVID-19, there's a dramatic rise in the attack surface and the number and types of systems that are being used," he said.

Texts were received by unsuspecting members of the public between 29 February and 30 April, said the UK Information Commissioner's Office. The texts promoted Zoono-branded hand cleaning products that purported to be "Effective against coronavirus," said the ICO. Reg readers will remember that silly members of the public bulk-bought certain products, including toilet paper and hand sanitisers as the spread of the potentially deadly virus made its way across Europe.

Almost 40% of senior security leaders said that when they held crisis exercises, there was inaction from the business and those most critical in crisis were missing in cybersecurity training. "In the first 30-minutes of a crisis, it is highly unlikely you're thinking of your plan. It's the real-life, crisis simulation training that prepares organizations to effectively respond to security incidents. Micro-drills, or very focused exercises, designed to address particular risks, must make their way into the mix. Much like exercising to stay fit, this needs to happen with regularity in dynamic environments, and involve all the right people, in order to keep current and be effective."