Security News
Among the 411 IT and security professionals surveyed by Check Point and Dimensional Research, 71% said they've seen an increase in security threats or attacks since the start of the COVID-19 outbreak. Some 56% pointed to the task of securing remote access as the top challenge, 55% mentioned the need for remote access scalable solutions, and 47% pointed to remote workers finding and using untested tools and services.
Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures. Dan Patterson: What do we mean when we talk about this abstract idea of infrastructure and connected infrastructure?
Robert Lee, founder and CEO of Dragos, discusses the dangers cyberattacks pose to critical industrial infrastructures.
Cybercriminals are increasingly directing targeted attacks at specific organizations or individuals, says security provider Positive Technologies. In 2019, the number of targeted attacks outpaced the number of mass attacks, showing that bad actors are adopting a more focused strategy, according to Positive Technologies.
A few days earlier, the U.S. Department of Health and Human Services suffered a DDoS attack, assumed to have been launched by a hostile foreign actor, aimed at slowing down the agency's services amid the government's rollout of a response to coronavirus. During an unprecedented time of peak traffic, the risk of a DDoS attack is growing exponentially.
World Backup Day is March 31, and while cyberattacks are a potential threat to their data, many SMBs say they don't have a data backup or disaster recovery process, according to data protection company Infrascale. Among them, 49% said that cyberattacks are their biggest concern when it comes to protecting data, while 58% pointed to security vulnerabilities as their biggest data storage challenge.
Though Tupperware never responded to multiple attempts at contact by researchers, as of March 25, after research was publicly disclosed detailing the card skimmer, the malicious code was removed from the homepage. Researchers first came across the card skimmer during a web crawl, when they identified a suspicious iframe - responsible for displaying the payment form fields presented to online shoppers - that was loaded on the Tupperware[.
SEE: Security Response Policy The report, "The Global State of Industrial Cybersecurity," which includes responses from full-time IT pros in the US, UK, Germany, France, and Australia, found that business security leaders in the US are more concerned about the security of their industrial OT systems than are leaders in other nations. The data also showed that global IT security professionals have a more positive overall outlook about their OT network security compared with their counterparts in the US. About 62% of the global IT respondents said they believe that industrial OT networks are properly safeguarded, compared to only 49% of US respondents.
The attack appeared to be aimed at achieving a foothold at the agency rather than being an end unto itself: "The targeting infrastructure seems to focus on certain types of healthcare and humanitarian organizations that are uncommon for cybercriminals," Costin Raiu, researcher at Kaspersky, told Threatpost. As for the "Why" of the attack, which was thwarted, Raiu said that information about remediation for coronavirus - such as cures, tests or vaccines - would be invaluable to any nation-state's intelligence officials.
Authorities in the United States and Europe have issued warnings of increased malicious cyber-activity related to the ongoing COVID-19 pandemic. The attacks, FBI says, may come in the form of fake Centers for Disease Control and Prevention emails, phishing emails asking for personal information to receive money or encouraging people to donate for various causes, and offers for counterfeit treatments.