[ad_1]
[ad_2]
Bloomberg News
Source link
[ad_1]
Opinions expressed by Entrepreneur contributors are their own.
Data is the most valuable asset in today’s interconnected world, where ones and zeroes reign supreme. However, securing every last byte of the predicted 181 zettabytes of data that will be consumed by 2025 is a dystopia in and of itself. So, as a business leader, it’s not a matter of if but when your organization will face a cyber incident.
Immediate financial losses aren’t the worst part of a data breach. In fact, the lasting effects are the more troublesome ones. Long-term implications of a data breach spread across a company and impact its reputation, customers, workforce, databases and even its network architecture.
How you react following an attack has an enormous influence on the effectiveness of your recuperation efforts and the long-term viability of your organization. In this article, we will explore the essential steps business leaders should take and the pitfalls to avoid in the challenging journey after a hack.
Related: How to Protect Your Customers (and Your Brand) From Data Breaches
Much like death and taxes, cyberattacks are now a part of everyday life. By following a prepared strategy, the actions you take can maintain data security, significantly reduce risk and help mitigate some of the fallout.
The first hours and days following a cyberattack are crucial. Unfortunately, in many cases, weeks and months can pass before companies realize they are breached. The sooner you respond, the better your chances of minimizing its impact on your organization. Quickly finding breached endpoints and servers and rapidly segregating them should be prioritized. This strategy prevents lateral movement within the corporate network and hinders dangerous code from infecting further systems.
Successful containment brings us to the next phase — assessing the scope of the hack. A major part of efficient recovery depends on knowing how large the breach is. Conduct a thorough investigation to determine what data has been compromised and how it could affect your company’s operations. Before restarting operations, do a comprehensive analysis, uncover any vulnerabilities, fix them and ensure all affected systems are secure. Depending on the scope and resources of your in-house IT team, you can either employ vulnerability management tools or engage the expertise of a seasoned cybersecurity firm.
Perform a thorough evaluation of your current security protocols, policies and technologies when there is even a slight indication of a breach. Identify any vulnerabilities or loopholes that were exploited during the assault and put strong measures in place to stop similar attacks in the future.
The primary actions to consider here include implementing a Secure Access Service Edge solution (SASE), an Identity Access Management solution (IAM), Endpoint Threat Detection and Response (EDR) cloud security solutions and a combination of Unified Endpoint Management (UEMs) and endpoint security solutions. Regardless of the blend of tools and solutions you choose, the end goal should always be to promote a culture of zero trust in the digital landscape.
Employees tend to be the most vulnerable branch of a company’s security architecture. Cybercriminals exploit these human vulnerabilities through social engineering and phishing attacks. Reports show that 74% of all attacks last year were instigated due to human error. So, routinely instruct your employees on cybersecurity best practices, highlighting the need to use strong passwords, spot phishing scams and adhere to safe protocols. When executed successfully, employee education is a strong deterrent against future assaults.
Like a seasoned gladiator ready for battle, merely arming yourself for the hack is insufficient; you must also be prepared to defend yourself from attacks. Frequently put your crisis response plans to the test and refine them via simulated exercises. Through such drills, you can identify any shortcomings or deficits in your response capabilities and fine-tune the process. A well-trained team can react swiftly and efficiently to reduce the damage brought on by a breach.
Recovering from a hack is a strenuous and exhausting endeavor, and there are certain obstacles or pitfalls to avoid that could turn a fiery blaze into a roaring inferno.
The most important thing is that there is no room for denial. Hiding a breach under the rug or downplaying its severity only worsens the situation and builds distrust among stakeholders. Transparency is crucial after a cyberattack. Inform your staff, clients, business partners and the proper authorities as soon as possible about the incident and its severity. It’s also important to control your reputation and communicate effectively. Ignoring public relations can have a long-lasting negative effect on your brand and customer loyalty.
Another mistake is overlooking the importance of cybersecurity insurance. Cyber insurance is a critical part of any company’s risk management strategy. Even companies with robust security systems are susceptible to hacking, and cyber insurance may help shield them from the resulting financial fallout. The global average cost of a single data breach was $4.25 million last year. Compared to that, the cost of a comprehensive insurance policy is only a fraction of that amount.
Related: The Top 3 Mistakes Businesses Make After a Hack
A cyberattack is likely to happen to any organization that functions digitally, but how an organization responds to such an incident matters. Successfully navigating the path to recovery helps organizations emerge stronger, more resilient and better prepared to turn victimhood into vigilance. Life following a hack presents an opportunity to grow and fortify your organization against new threats looming over the horizon.
[ad_2]
Apu Pavithran
Source link
[ad_1]
Financial crime continues to tick up as more payment processes move online — and fraudsters take advantage of the digital shift. In fact, 69% of global executives and risk professionals expect crime to increase over the next 12 months, naming cybersecurity and data breaches as primary drivers, according to Kroll’s 2023 Fraud and Financial Crime […]
[ad_2]
Whitney McDonald
Source link
[ad_1]
Opinions expressed by Entrepreneur contributors are their own.
Today’s cyber threat landscape is elaborate, fast-paced and continuously evolving. The complexity of such threats has raised the predictions that the total cost of cybercrime will exceed $8 trillion by the end of 2023. It includes, for example, the money stolen by cybercriminals, the subsequent investments in security tools and services, and the money spent on ancillary activities such as staffing, remediation, legal fees, fines and more.
So, why do many organizations still fail to see cyber hygiene or even cybersecurity as a boardroom priority, even in 2023? Many business leaders, especially small to medium-business leaders, fail to perceive themselves as targets. From their perspective, spending more on cybersecurity is a wasted effort, and those resources can be used elsewhere.
On average, companies worldwide only allocate around 12% of their IT budget to IT security! Thus, persuading the boardroom to invest in cyber hygiene can be challenging. However, while it is hard to implement and even harder to maintain, these habits, security practices and solutions help make the world safer. And that is where every organization needs to start.
Related: Why Is Cybersecurity Important for Your Business? Neglecting It Could Be Your Downfall.
Looking back at just a year, cyberattacks worldwide have shown a 38% increase in 2022 compared to 2021. The attack on the Australian health insurance provider Medibank, the data breach on the Los Angeles Unified School District (LAUSD) or even the social engineering hack on games company Rockstar are just a few of the thousands of data breaches happening all over the world.
Interestingly, these breaches, like most, could have been prevented with good cyber hygiene. Furthermore, the examples I chose demonstrate that attackers seem unconcerned with a company’s size, location or industry. Yet, even with cyber threats like data breaches, phishing scams and ransomware, cybersecurity investments fall short.
Over the last few years, we’ve made great strides in security, especially following the global pandemic. Still, a study conducted by Foundry shows that 9 out of 10 security experts still believe their organizations are not prepared to address the risks of a cyber-attack.
Related: 5 Ways to Protect Your Company From Cybercrime
So, what can we do? Establishing a strong and resilient cybersecurity architecture demands deploying security measures on multiple fronts such as data, devices, employees and network. Any elementary security architecture must include solutions to enforce strong password policies, protect data in transit and at rest, identify and protect against attacks and regularly back-up mission-critical data. This seems excessive, especially considering how limited the budget is. Yet, acquiring as many tools as possible within your financial limits shouldn’t be your final objective. The most effective strategy results from selecting the appropriate collection of tools after carefully assessing one’s demands and the current level of security precautions. The solutions I’d suggest include the following:
Also, it would be wise to select solutions that already have established interconnections among them. This would offer more centralized and seamless access, thereby reducing the workload on your IT administrators and saving you from recruiting larger teams.
Alternatively, some vendors offer multiple tools in a combined package. For example, Cisco Umbrella offers RBI, SD-WAN, and much more, Hexnode provides IAM and UEM capabilities, and Okta gives you both ZTNA and IAM. Make sure to carefully examine such vendors and the integrations between them before finalizing your architecture. In my experience, customers have always preferred a consolidated approach because, economically or due to staffing, they can’t handle the complexity of multiple solutions.
Related: The Correlation Between Covid-19 and Cybercrime
We are all aware that the financial facet of any venture will inevitably be difficult. Assuming that the aspects mentioned above identify with your company’s objectives, the following query would most likely be regarding the return on investment. It might be challenging to locate the facts and data needed to identify the advantages of cybersecurity hygiene. I would suggest reviewing the financial implications of previous data breaches and comparing those numbers against the investment cost. You will discover that the latter dwarfs the former sum.
Another hurdle is the monotony associated with good security hygiene. A robust security architecture requires periodic observation, maintenance and upgrades. This is often a bit boring, especially for non-tech-savvy investors, entrepreneurs and leaders. Additionally, the repetitious nature might cause inaccuracy and personnel exhaustion. The only solution is to clearly communicate the necessities of cyber hygiene and make them understand that security is an ongoing process rather than a one-time stop. Also, using tools to automate tasks and setting reminders can help employees stay on track without it being a bother.
The recession bound to happen this year will surely put an even tighter hold on the already stretched budget. However, being the victim of a cyberassault during such trying times would be a far scarier reality. As business leaders, we must pay close attention to the hazards and repercussions of a cyberassault in our organization. Thankfully, many businesses are unwilling to face the risks associated with losing client data and having production or operations halted due to a system breach. If they do, it is either out of ignorance or a lack of a thorough understanding of the entire process.
[ad_2]
Apu Pavithran
Source link
[ad_1]
Opinions expressed by Entrepreneur contributors are their own.
In our recent Consumer Cybersecurity Trends report, RAV researchers delved into the threats facing consumers over the last year. It was relatively unsurprising when once again, phishing took the top spot for cybercriminal activity.
There are various types and various ways for threat actors to pull off a phishing attack. Let’s dive into the most prevalent, and also the sneakiest, of ways that phishing is currently threatening the cybersecurity landscape for consumers today.
Related: What Is Phishing? Here’s How to Protect Against Attacks.
It may sound like old news by now, but phishing attacks by email don’t seem to stop coming — and it’s surprising how many people still fall victim to them.
This February, Reddit employees were victims of an email phishing campaign that affected hundreds of company contacts and employees. According to a Reddit statement at the time, “the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway in an attempt to steal credentials and second-factor tokens.”
Whether this attack could have been avoided is up for debate. At the very least, the fact that an employee was aware enough to understand what was underway and raise the alarm to their security team is vital. The sooner an attack can be mitigated, the better.
As well as email phishing via malicious links and attachments, the weaponization of office documents sent via email has also increased. Office documents that hide macro code are still very common, and 2022 saw many files sent as phishing documents to lure users to run the malicious code.
Related: 4 Things Your Employees Are Doing Right Now That Are Compromising Your Network
Unlike the traditional “spray and pray” approach, whereby mass phishing emails are sent to as many recipients as possible in the hopes they’ll get at least a few hits, “spear phishing” is a targeted phishing attack aimed at a specific individual or organization.
Cybercriminals will research their target in order to personalize the attack and increase their credibility, with the intent of persuading the target to disclose sensitive information or trick them into making payments.
While finance teams and executives would seem to be the most likely targets of spear-phishing campaigns, sales departments might also see an increase — mainly because a sales team member is more likely to receive emails from outside an organization. These employees could be a viable entry point for hackers trying to infiltrate an organization.
Social media is also a factor here, as many employees that use social media, either for personal or professional use, underestimate just how vast their digital footprint may be. In Q1 of 2022, LinkedIn users accounted for 52% of all spear-phishing targets globally, and users were cautioned to be on their guard for a rise in spear-phishing campaigns.
The biggest takeaway here should be that criminals are looking for the weakest link in a company, no matter who they are trying to target. One wrong click from an unsuspecting employee is all it takes, so they will keep trying again and again to ensnare their next victim.
And taking spear phishing attacks to the next level, “whale phishing” targets the most senior-level company members, like the CEO or CFO. Whaling phishing techniques may involve impersonating these figureheads, in order to trick an employee into authorizing high-value money transfers to the attacker or disclosing vital company information.
Related: Is Your Business Prepared for a Cyber Attack? (Infographic)
In general, users are misguidedly more trusting of text messages than they are of email. In actual fact, as most smartphones can receive text messages from any number in the world, smartphone users aren’t really afforded any SMS privacy at all.
Phishing conducted via SMS, also known as “smishing,” will entice a victim into revealing personal information via a link through compelling SMS text messages. Unfortunately, not enough users are aware of the dangers of clicking links in text messages.
These links may lead to credential-phishing sites or inject malware designed to compromise the phone itself. The malware can then be used to spy on the victim’s smartphone data or silently send sensitive data to an attacker-controlled server.
But what is it that we are afraid of? What can a phishing attack lead to? Once a threat actor has access to data, they can set to work to use it for their own nefarious purposes — be it holding the data ransom, using it for financial theft or creating further disruption for a company (e.g., doxing or cyber espionage).
For example, Atlassian recently suffered a cybersecurity breach in the form of a phishing attack that compromised customers and business insider information, including company floor plans. The attack is thought to have been achieved through using an employee’s credentials. We see from this that phishing can lead to unwanted and unwarranted prying eyes into a company’s inner sanctums, and it puts both consumers and businesses at risk for further interference. The plethora of phishing techniques is presumably why it ranks as the preferred method of attack for so many cybercriminals.
To protect against phishing attacks, whether as a consumer, employee or business owner, following some basic guidelines will be invaluable:
Be wary of unsolicited mail and unexpected emails, especially those that call for urgency.
Double-check transactions or data disclosure through a secondary means of communication (e.g., phone calls or face-to-face).
Watch out for telltale signs of phishing attempts, such as the misspelling of words, the incorrect use of URLs and completely irrelevant messaging.
Additionally, pay attention to emerging technologies on the market — it remains to be seen whether newly available clever AI chatbots could be used to construct phishing emails.
Above all, ensure all staff has cybersecurity training. All employees should be aware of basic tactics used in spear phishing emails, such as tax-related scams, CEO fraud and other social engineering tactics via email. Education and awareness are key defense skills as the majority of these phishing techniques will only actually succeed due to human error.
[ad_2]
Andrew Newman
Source link
[ad_1]
Opinions expressed by Entrepreneur contributors are their own.
This time last year, I reviewed the cybersecurity landscape around the world and predicted a year ahead involving advanced threats against home users, the continual growth of ransomware and gaming as a growing attack vector. Looking back over 2022, we indeed saw those predictions play out.
For 2023, we can expect the continued trends of attacks against consumers and remote employees, like phishing and social engineering attacks, including email and SMS scams, which are commonly used to exploit individuals. Trojan viruses, sophisticated malware and new attack vectors will be highly prevalent in 2023, including novel threats such as the Metaverse Attack vector dubbed “Big Brother” discovered by RAV Researchers.
With all this in mind, what else can we expect for 2023?
Unfortunately, humans are still the weakest link in the cybersecurity chain. Home users remain the easiest targets as AV providers are focused on securing enterprise dollars for their services. Phishing and social engineering scams will become more sophisticated as they continue into 2023, and cyber criminals employ more complex technologies such as deep fakes.
Continued use of email phishing is to be expected, with Office Documents that hide macro code still being used as vectors to lure users to run the malicious code in emails. Other means of deploying scams, such as SMS and social media platforms — be it affiliate links, clickbait or credentials pages that attempt to steal your password information — are all likely to continue.
Raising awareness for online users is our best leverage to stop these phishing attempts from being successful. Taking note of simple telltale signs such as misspelling of words, the incorrect use of URLs and completely irrelevant messaging can make all the difference.
Related: The Emerging Cybersecurity Trends In 2023
Ransomware-as-a-Service (RaaS) and overall Cybercrime-as-a-Service (CaaS) are on the rise. Data breaches are to be expected, as data is still seen as profitable barter on the Dark Web. These services are becoming more commonplace as cyber warfare persists. As the motivations behind cybercrime move from profit-related to geopolitical, the nature of the Dark Web is changing. Worryingly, cyber-criminal groups can now use the malware they trade on these platforms to go after more sensitive computing systems connected to critical infrastructure and government services of other nation-states.
Cyber victims are becoming increasingly younger. We will see the continued targeting of unsecured consumers such as tweens and teens, who are highly connected, starting to use crypto and buying into the metaverse and other digital assets. Likewise, criminals themselves are getting younger. Cybercrime activity by teens and young adults now covers everything from large-scale attacks on enterprises and governments to low-level crimes that target families, friends and strangers. Hacktivism will also be fueled by cyber use — the younger generation can use their cyber skills to show their discontent in ways the past generation didn’t have access to or the ability to do.
Related: A Business Leader’s Beginner Guide to Cybersecurity
Cracking and bypassing two-factor authentication (2FA) is on the rise and will be exploited more and more in the coming year. It’s likely that in the future, we may move on to three or even four-factor authentication. As the technology to crack multi-factor authentication continues to mount up, more and more companies may opt to use biometric authentication.
As next-generation technologies, such as virtual reality, make it into the mainstream, we will see the continued deployment of next-generation threats. Whether or not the allure of the metaverse and augmented realities makes it into 2023 remains to be seen — but as ever, new vectors offer new opportunities and broader attack surfaces.
Related: 4 Major Cybersecurity Risks of Working From Home
Despite ongoing cybersecurity concerns, there’s sometimes a distinct lack of action. For example, 12 months after the Log4J hack, the CISA and FBI agencies are concerned that many companies have still not applied updates, despite their security alerts warning that if organizations haven’t yet patched or mitigated Log4j vulnerabilities, they should assume their network is compromised and act accordingly.
Organizations and individuals alike need to shift their cybersecurity strategies to a more holistic approach. Log4J is a great example of why cybersecurity companies shouldn’t rest on their laurels. Experts have warned that threat actors are perfectly capable of playing the long game; even if a disaster hasn’t struck yet. Unless you are fully prepared, it still can.
As with all aspects of technology, cybersecurity is fast-paced and ever-evolving. Security companies need to constantly mitigate threats, deploying the best cybersecurity available for their users. One thing is certain in 2023: More hacks are coming our way. Cybercriminals will be spending the year ahead fine-tuning their methods. The question is whether the defense can keep up.
[ad_2]
Andrew Newman
Source link
[ad_1]
Cybersecurity threats that place bank information and personal data at risk are on the rise as the holiday shopping season officially kicks off with Black Friday and Cyber Monday. Cybercriminals are targeting online shoppers by scraping sites for credit card and banking data, according to a recent report by cybersecurity firm Kaspersky, which monitored cyberthreat-related […]
[ad_2]
Whitney McDonald
Source link
[ad_1]
A pro-Russian hacking group claimed credit for cyberattacks hitting more than a dozen U.S. airports’ websites Monday morning, according to multiple outlets, temporarily rendering parts of the sites inaccessible to the public, though the hacking did not result in any operational disruptions.
Travelers pass through the concourse at Ronald Reagan Washington National Airport.
Responsibility for the attack was claimed by the hacking group Killnet, which has promoted Kremlin viewpoints and previously engaged in cyberattacks targeting western nations but whose ties to the Russian government are unknown, according to CNN.
The attack resulted in an “inconvenience” for the public trying to access web domains with information on airport wait times and congestion, a senior official told ABC News.
The airports targeted include Atlanta’s Hartsfield-Jackson International Airport and New York’s LaGuardia Airport, while Chicago O’Hare International Airport as well as Los Angeles International Airport’s websites also appeared to be affected, according to multiple outlets.
The U.S. Cybersecurity and Infrastructure Security Agency said Monday it was monitoring the situation but that there were no concerns about airport operations, according to CNN.
In a post on Telegram, the group also claimed to hit airports in Idaho, Michigan, Hawaii, Massachusetts and other states.
Killnet also claimed responsibility last week for disrupting state government websites in Colorado, Kentucky and Mississippi and other states.
Killnet began its hacking activity in the wake of Russia’s invasion of Ukraine starting in February, claiming to target western nations that have imposed sanctions on the Kremlin for the war. The group primarily carries out distributed denial of service attacks, called DDoS, which aim to flood a site or server with fake web traffic to knock it offline, according to Bloomberg. The group has also carried out attacks across Europe, including targeting the Eurovision song contest. The group of hacktivists is also known for defacing websites targeted in their attacks with pro-Russian messages, according to Politico.
Cyberattacks reported at US airports (ABC News)
Meet Killnet, Russia’s hacking patriots plaguing Europe (Politico)
[ad_2]
Madeline Halpert, Forbes Staff
Source link
[ad_1]
September saw a spade of cyberattacks, including the one that hit Suffolk County, and federal officials must do more to protect consumers, Senate Majority Leader Charles Schumer said Sunday.
American Airlines, DoorDash, Uber and U-Haul have all been hacked, and experienced “a serious data breach,” according to Schumer.
And he said many people may not know their data may have been compromised.
“In roughly the last 30 days, vital and personal information has been hacked at many major U.S. companies, compromising people’s privacy. Yet, if you ask most people about these hacks they don’t even know they occurred and the feds are saying very little,” Schumer said in a statement.
“In fact, for a lot of consumers, unless you have a service—which often comes at a cost—you are not aware of these breaches and hacks,” he added. “And in some cases, even if you do have a service that alerts you, information about where your personal information went, the origin of the hack and so much more is elusive.”
Now Schumer is calling on the Federal Trade Commission and Department of Justice to better protect consumers.
“The feds have a law on the books to glean more information on major hacks, so the message today is: give consumers the details and investigate who is hacking,” Schumer said. “If a company is not doing right by their customers’ very personal information, then hold them to account as well. That is the two-pronged message today.”
On Sept. 8 Suffolk websites and web-based applications were taken down, after officials found malware in county systems. Ransomware postings on the website DataBreaches.net showed images of county documents and the hackers claimed to have extracted court records, sheriff’s office records, contracts with the state, and personal data of citizens from the domain of the county clerk.
Schumer said the county “has been communicating with federal law enforcement, and is working to fully restore its computer system without threat. My team will continue coordinating with the county to help them however we can, but for a local government to have to shut down computer systems in an effort to protect data, that is not something we want happening anywhere. The feds should detail who exactly hacked Suffolk, what info they got and detail what tools we can give Long Island so this doesn’t happen again.”
“I just secured robust federal dollars to help prevent this exact kind of thing on behalf of our local governments,” Schumer said, referring to the $1 billion infrastructure bill.
That funding would allow government to build comprehensive cyber plans and to use federal grant dollars to support state and local public health, education, and other entities, Schumer said.
The Department of Homeland Security with the Federal Emergency Management Administration recently announced the opportunity for state and local entities to apply for the cybersecurity dollars.
[ad_2]
Adina Genn
Source link