Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cybersecurity measures. Show all posts
Threat actors
Cyber Security Cyber Threats Cybersecurity Cybersecurity measures cybersecurity trends Data Breach Data protection malware Online Security ransomware attacks Threat actors

Report: September Sees Record Ransomware Attacks Surge

 

In September, a notable surge in ransomware attacks was recorded, as revealed by NCC Group's September Threat Pulse. Leak sites disclosed details of 514 victims, marking a significant 153% increase compared to the same period last year. This figure surpassed the previous high set in July 2023 at 502 attacks.

Among the fresh wave of threat actors, LostTrust emerged as the second most active group, accounting for 10% of all attacks with a total of 53. Another newcomer, RansomedVC, secured the fourth spot with 44 attacks, making up 9% of the total. LostTrust, believed to have formed in March of the same year, mirrors established threat actors' tactics of employing double extortion.

Notably, well-established threat actors remained active in September. Lockbit maintained its lead from August, while Clop's activity diminished, responsible for only three ransomware attacks in September.

In line with previous trends, North America remained the primary target for ransomware attacks, experiencing 258 incidents in September.

Europe followed as the second most targeted region with 155 attacks, trailed by Asia with 47. Nevertheless, there was a 3% rise in attacks on North America and a 2% increase on Europe, while Asia saw a 6% decrease from the previous month. This indicates a shifting focus of threat actors towards Western regions.

Industrials continued to bear the brunt of attacks, comprising 40% (19) of the total, followed by Consumer Cyclicals at 21% (10), and Healthcare at 15% (7). The sustained focus on Industrials is unsurprising, given the allure of Personally Identifiable Information (PII) and Intellectual Property (IP) for threat actors. 

The Healthcare sector witnessed a notable surge, experiencing 18 attacks, marking an 86% increase from August. This trend aligns with patterns observed earlier in the year, suggesting that August's dip was an anomaly. The pharmaceutical industry's susceptibility to ransomware attacks continues due to the potential financial impact.

The surge in ransomware attacks can be attributed in part to the emergence of new threat actors, notably RansomedVC. Operating similarly to established organizations like 8Base, RansomedVC also functions as a penetration testing entity. 

However, their approach to extortion incorporates compliance with Europe's General Data Protection Regulation (GDPR), pledging to report any vulnerabilities discovered in the target's network. This unique approach intensifies pressure on victims to meet ransom demands, as GDPR allows for fines of up to 4% of a victim's annual global turnover.

RansomedVC garnered attention by claiming responsibility for the attack on Sony, a major Japanese electronics company, on September 24th. In this incident, RansomedVC compromised the company's systems and offered to sell stolen data. This successful targeting of a global giant like Sony highlights the significant impact RansomedVC is exerting, indicating its continued activity in the months ahead.

Matt Hull, Global Head of Threat Intelligence at NCC Group, commented on the situation, noting that the surge in attacks in September was somewhat anticipated for this time of year. However, what sets this apart is the sheer volume of these attacks and the emergence of new threat actors playing a major role in this surge. Groups like LostTrust, Cactus, and RansomedVC stand out for their adaptive techniques, putting extra pressure on victims. 

The adoption of the double extortion model and the embrace of Ransomware as a Service (Raas) by these new threat actors signify an evolving landscape in global ransomware attacks. Hull predicts that other groups may explore similar methods in the coming months to increase pressure on victims.
Read more »
reputation
Businesses Cyber Attacks Cybersecurity measures data security Data Theft endpoint detection and response financial risks payment diversion fraud Ransomware reputation

Growing Threat of Cyberattacks Puts Businesses at Risk

 

In an era defined by digital advancements, businesses face an escalating peril: cyberattacks. While the digital age has opened up unprecedented opportunities, it has also ushered in a formidable threat to businesses' financial stability, data integrity, and reputation.

Recent years have witnessed a surge in both the frequency and sophistication of these attacks, leaving a trail of financial losses and reputational damage. Notably, small enterprises with fewer than ten employees have seen an alarming rise in cyberattacks, jumping from 23% to 36% over the past three years, according to a report from Hiscox, an insurance company.

The pandemic exacerbated vulnerabilities, with hospitals becoming frequent targets of ransomware attacks, jeopardizing patient well-being. A prevalent form of cybercrime, payment diversion fraud, affected one in three businesses within the last year, as highlighted by Eddie Lamb, Cyber Education and Advisory expert at Hiscox.

This form of attack involves cybercriminals attempting to redirect or steal payments meant for legitimate recipients. Ransomware attacks persist, as evidenced by a recent breach targeting the Greater Manchester police force. Additionally, data theft remains a persistent threat, with confidential information and intellectual property being prime targets.

According to Lamb, the average cost of an attack stands at €15,000, but one in eight afflicted businesses faced losses exceeding €238,000. Shockingly, one in five respondents stated that the cyber attack they endured posed a significant threat to the future viability of their business.

Beyond financial repercussions, cyberattacks also inflict intangible harm. Lamb emphasized that the damage extends to elements like brand reputation and the erosion of consumer trust, potentially leading to enduring consequences.

This is particularly evident in data breaches, where sensitive information beyond email lists may be compromised. For instance, in 2020, US cybersecurity firm FireEye fell victim to a highly sophisticated attack, possibly orchestrated by a nation-state, resulting in the loss of a critical toolkit.

While such large-scale attacks are infrequent, businesses of all sizes must fortify their defenses. Lamb stressed that while there's no foolproof safeguard, implementing modern anti-virus technology with endpoint detection and response (EDR) is crucial. EDR enables real-time threat monitoring and can autonomously take measures to prevent or mitigate harm.

Other protective measures include adopting multifactor authentication and biometrics. The UK National Cyber Security Centre also underscores the importance of robust data backups in its cyber security guide for small businesses. Online training resources and check tools tailored for small-sized businesses offer further support.

Recognizing that human error is a significant vulnerability, educating and training employees on best cybersecurity practices is essential. As cybercrime tactics evolve, staying updated on the latest trends is paramount.

Lamb urged businesses to be proactive, emphasizing that cyberattacks are a matter of "when" rather than "if". He stressed that the pivotal factor lies not in experiencing a breach, but in the response to it. Consequently, clear and comprehensive security policies, including an incident response plan, are crucial. Additionally, having a dedicated cyber defense team or individual is pivotal, ensuring a swift and coordinated response to minimize downtime.
Read more »
Data threats
Cyber Security Cybersecurity measures Cyberthreats data security threats Data threats

Does Your Organization Have a False Sense of Cybersecurity?

Many people think that by piling up a bunch of cybersecurity tools, an organization is automatically super secure. Yet, when you look at recent trends in cyberattacks, it becomes clear that reality often paints a different picture. 

In the wake of the pandemic, we have witnessed an alarming 600% surge in cybercrime due to the emergence of new threats. Hackers and scammers employ a spectrum of tactics, ranging from traditional email phishing scams to sophisticated techniques like cross-site scripting (XSS), their aim is to illicitly obtain sensitive information and, in some cases, hold organizations hostage. 

The expanding scope of cyber threats has prompted the cybersecurity sector to develop an array of new security solutions. While this surge in innovation is certainly a positive development, it also brings forth a potential challenge. The abundance of cybersecurity tools within a single organization could lead to a fragmented security approach, potentially leaving vulnerabilities in its wake. 

Furthermore, a recent study conducted by Forbes has revealed an interesting finding, which suggests that organizations that utilize a higher number of cybersecurity tools are more prone to experiencing breaches in their security. It is intriguing to note that organizations armed with a multitude of security tools may inadvertently cultivate a false sense of assurance, rather than establishing a genuinely robust security infrastructure. 

Oftentimes, these tools concentrate on isolated facets of the network, neglecting the broader context and, crucially, lacking seamless communication between them. This can result in a disjointed perspective of the organization's security stance, rendering it difficult to pinpoint potential vulnerabilities. It is like having a bunch of puzzle pieces without knowing what the whole picture is supposed to be. This can make it hard to find out where there might be problems. 

According to Adarma's research, about 61% of cybersecurity experts think that the cybersecurity market is too confusing, scattered, complicated, and crowded. This makes it hard for them to get better at keeping things secure. Using too many different security tools can cause problems. For example, if several tools try to fix the same security problem, like phishing attacks, it can mean doing the same thing over and over, which is a waste of time and resources. 

Protecting a company in today's digital world needs a thorough plan that covers many areas. It is not just about setting up tools initially, but also about looking after them continuously, much like taking care of a garden. Knowing how to handle different security tools is key, as they each have their own special requirements. 

Bringing together different sources of information gives a complete picture of security in the whole organization. Making sure the tools are set up right and kept up to date is really important. While combining all the security measures can make things run smoother, it should be done thoughtfully. 

Recognizing and fixing any gaps in security shows strength and being ready to take action. Trusting in both the tools and the team using them is just as crucial. Following this well-rounded plan helps companies strengthen their defenses and stay on top of the ever-changing digital threats. 
Read more »
Subscribe to: Posts (Atom)