The New Age Weapon: Malware

What is malware?

Malware is short for “malicious software”. Code or software that is intentionally written to harm and infect the endpoints in a network is known as malware. Cyber attackers use this malicious software to infect and attack devices. Malware comes in many types and is categorized by the way it functions. We will explain these types later in the blog.

Malware Threats

These days, malware is not installed directly on the victim’s device. Instead, it is delivered to and installed on the endpoint device through various techniques and by exploiting loopholes. These are the avenues that security professionals have to mitigate when deploying cybersecurity.

Various types of malware threats are:   

  • Social Engineering: 

When an attacker manipulates the user into giving up sensitive information for personal gain, it is known as social engineering. Sometimes malicious links or malicious files are sent to the victim during social engineering. As soon as the victim clicks on the malicious link or downloads the malicious file, the malware gets installed on the victim’s device.

  • Email: 

The attacker sends lucrative-looking emails that tempt the user to click on the link provided in the email. As soon as the link is clicked, the malware downloads itself in the background and infects the user’s PC.

Malware can also tamper with web cookies. When you open a genuine site, the malicious cookie triggers and redirects you to malicious sites. These sites may extract information or download malware onto your system.

  • Planted Removable Media:

Sometimes the attacker intentionally plants removable media loaded with malware to tempt the victim into checking its contents. As soon as you plug it into your system, the malware is installed automatically and ends up infecting your device.

Types of malware

As mentioned earlier in the blog, malware is categorized and named based on the way it infects the system. Some of the types are as follows:

  • Worm: 

Worms exploit your operating system. This type of malicious software uses your network bandwidth, steals your data, and sends it to the attacker. A worm can self-replicate, and so it copies itself across the network.

  • Trojan Horse: 

A Trojan Horse is malware that comes attached to a normal file. Trojan malware disguises itself among necessary files and then sends the data of your device to the attacker.

  • Spyware: 

Spyware extracts important credentials and data from a user’s device and sends them to the attacker. This kind of malware exploits vulnerabilities in the software.

Ransomware is a kind of malicious software that infects the victim’s device by encrypting its data. The data can only be decrypted with a key that the attackers provide once you pay them the ransom amount. Thus, it is advisable to keep a backup of your data.

  • Adware: 

Adware is a kind of malicious software that is injected into the victim’s device through advertisement pop-ups for seemingly useful software. Pop-ups claiming an urgent need for antivirus, a malware remover, etc. are embedded with a malicious link. As soon as the victim clicks on the link, the malicious file is downloaded to their system and infects the device.

  • Virus:

This is a kind of malicious software that steals the information and credentials of the user. A virus is also sometimes used to turn the victim’s device into a bot. It can self-replicate, but it cannot be transferred to another device without human intervention. It can be attached to documents, mail attachments, scripts, etc.

6 Malware Prevention Tips

  1. Never click on insecure or lucrative-looking links, as they may end up infecting your system.
  2. Always keep your PC’s operating system updated.
  3. Do not click on any link unless it is provided by a trusted source.
  4. Change your passwords at regular intervals.
  5. Avoid opening emails and attachments from unknown sources.
  6. Do not pick up USBs found lying unguarded in public spaces.
  7. Be cyber aware.

2020’s Major Data Breaches

Ever since organizations shifted their business to remote operations due to the COVID-19 pandemic, there has been a dramatic rise in the number of data breaches. In the first half itself, cases of data breaches have been reported in 81 global companies from 81 countries! Besides, a security research firm recently revealed the impact of COVID-19 on the data breach landscape, where 80% of data breaches have occurred either because of stolen credentials or brute-force attacks!

Currently, cybercriminals are exploiting the situation of the pandemic to launch highly sophisticated cyberattacks on every industry possible. In the first six months of 2020, various Fortune 500 companies became the target of massive data breaches where hackers sold account credentials, sensitive data, and confidential and financial information of these organizations on cybercriminal forums.

Till now, nearly 16 billion records have been exposed this year. Moreover, according to researchers, 8.4 billion records have been exposed in the Q1 of 2020 alone! This number is a 273% increase in comparison with the first half of 2019 during which 4.1 billion records were exposed! (Source: Security Boulevard)

Let us take you through the biggest cyberattacks of 2020 till now.

Top 5 Data Breaches in 2020 So Far:

Twitter Hack 

Twitter took the whole internet by storm when it was hit by one of the most brazen online attacks in history! The social media platform suffered a breach in which hackers targeted the verified Twitter accounts of high-profile US personalities like Barack Obama, Elon Musk, Joseph R. Biden Jr., Bill Gates, and many more.

Out of 130 targeted accounts, hackers were able to reset 45 user accounts’ passwords. Hackers posted fake tweets from these accounts, offering to send $2000 for $1000 sent to an unknown Bitcoin address. Reportedly, the well-coordinated scam let the attackers swindle $121,000 in Bitcoin through nearly 300 transactions.

According to Twitter Support, “the attack on July 15, 2020, targeted a small number of employees through a phone spear-phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”

 

Marriott Data Breach

On March 31st, 2020, the hotel chain Marriott disclosed a security breach that impacted the data of more than 5.2 million hotel guests who used their company’s loyalty application.

Hackers obtained login credentials of two accounts of Marriott employees who had access to customer information regarding the loyalty scheme of the hotel chain. They used the information to siphon off the data approximately a month before the breach was discovered.

The data accessed in the breach involved personal details such as names, birthdates, and telephone numbers, travel information, and loyalty program information.

According to Marriott, hackers might have obtained the credentials of its employees either by credential stuffing or phishing. Previously, the hotel giant announced a data breach in late 2018 in which up to 500 million guests were impacted!

 

MGM Data Dump

Last year, in 2019, MGM Resorts suffered a massive data breach. News of the incident started to circulate in February 2020, when hackers leaked the personal details of 10.6 million hotel guests for free download. Later findings, however, put the number at nearly 142 million, about 14 times the number recorded in February 2020.

The personal information published on the hacking forum included the names, home addresses, phone numbers, email addresses, and dates of birth of guests. The guests whose details were leaked included Justin Bieber, Twitter CEO Jack Dorsey, and many major government agency officials.

However, a spokesperson from MGM Resorts confirmed that impacted guests were notified about the data breach. In addition, it said, “We are confident that no financial, payment card or password data was involved in this matter.”

Zoom Credentials Up for Sale!

Due to the COVID-19 pandemic, various organizations across the globe adopted a work-from-home policy. As a result, the Zoom video conferencing app became the most used application for virtual meetings and became popular among cybercriminals too.

Within a short span of time, the application became vulnerable to various security threats and eventually became a victim of the data breach. In the first week of April 2020, the news of “500,000 stolen Zoom passwords available for sale in dark web crime forums” shook the application users.

It was reported that more than half a million Zoom account login credentials were up for sale and some of the accounts’ credentials were given away for free. In fact, some of the login credentials were sold for less than a US cent each!

Along with account login credentials, victims’ personal meeting URLs and HostKeys were available too. The leaked accounts’ details belonged to financial institutions, banks, colleges, and various organizations.

 

Magellan Health (Ransomware Attack and Data Breach)

One of the Fortune 500 companies, Magellan Health, was struck by a ransomware attack and data breach in April 2020. The healthcare giant confirmed that about 365,000 patients were affected by the sophisticated cyberattack.

According to the investigation, the attack was launched with a fully planned process where hackers first installed malware to steal employee login credentials. Then they leveraged a phishing scheme to gain access to systems of Magellan after sending out a phishing email and impersonating their client before deploying a ransomware attack.

The data thieves were able to steal login credentials of employees, personal information, employee ID numbers, sensitive patient details such as W-2 information, Social Security numbers, or Taxpayer ID numbers.

Is Your Organization Secured From Data Thieves?

The global shift to a remote working culture has given cybercriminals an opening to launch highly sophisticated cyberattacks. Moreover, ransomware, phishing, DDoS, BEC attacks, etc. are amongst the most common types of data breaches that we have witnessed this year so far.

Clearly, the first half of 2020 was quite challenging for organizations in terms of cybersecurity along with the adoption of new normal changes. Besides, we are still unsure of what cybercriminals have in store for the next six months of 2020.

However, by learning lessons from the recent data breaches, we can secure our organizations from emerging cyber threats. Here are some of the “must follow” security measures for your organization to stay secured in these unsecured times:

  1. Educate your employees with security awareness training to help them recognize and combat emerging cyber threats.
  2. Incorporate a phishing incident response tool to instantly report suspicious-looking and unsolicited emails.
  3. Secure your email domains against email spoofing attacks by implementing email authentication protocols such as DMARC, SPF, and DKIM.
  4. Keep all your software and applications updated with the latest security patches from time to time.
  5. Use a VPN connection for a protected network to keep hackers and other threat actors at bay while working remotely.

Workplace Threats of Password Sharing

The Shocking Statistics About Password Sharing

According to a security survey, 78% of the security professionals around the world believe that the biggest risk to endpoint security is human error. Moreover, the lack of cybersecurity awareness among employees is one of the biggest exploitable vulnerabilities in any organization.

An organization can have the most robust security software in the world, yet human errors like password sharing can still lead to massive data breaches.

The following statistics show how critical password security is today:

  • Approximately by the end of 2020, password usage across the globe will grow by 300 billion. 
  • 81% of the data breaches have been reported because of poor password security.
  • About 61% of companies use more than 500 accounts with non-expiring passwords.
  • A research article by ITProPortal stated that only 38% of companies update their admin passwords once a quarter while the rest do it very rarely.
  • About 54% of the small and medium-sized businesses don’t check up on their employee password practices.
  • 25% of employees use the same password in all login credentials.

What are the Risks of Sharing Passwords at Work?

Putting a Stop to Password Sharing

One of the most challenging things in the digital world is managing online accounts by keeping passwords out of the reach of untrusted sources. Whenever a new data breach or compromised information of a company makes headlines in the news, the most common reason turns out to be poor password security.

Habits like password sharing, providing login credentials on unsecured websites, weak passwords, etc., put companies at risk of expensive incidents. In a study by a renowned password manager company, it was stated that around 61% of users are more likely to share their work passwords than personal passwords.

There are various organizations that still take the matter of password security lightly. It is important for them to understand the consequences of password sharing at the workplace. Here are the top five security risks of password sharing at work:

  1. Single sign-on (SSO)

SSO is an authentication scheme that allows users to use a single ID and password to access multiple corporate software and applications. An employee can use one password to access dozens of enterprise login accounts at the same time.

Even though this practice seems to be beneficial in easing the burden of memorizing and entering passwords, it has disadvantages too. Combined with the common practice of password sharing, it gives rise to major password security vulnerabilities and issues in the organization.

  2. Credential sharing

In several organizations, password sharing at work is a common practice for various reasons, but this practice can lead to dangerous results. According to cybersecurity research, it was found that 42% of people share their work login credentials to work together with their teammates.

Another 34% stated that this practice reduces the cost of user-limited software, whereas the rest of the respondents said that it is their company’s policy to share passwords for accessing specific accounts. In the end, no matter how effective these practices sound, sectors like Banking, Financial Services, and Insurance (BFSI) might fall under the risk of a massive data breach.

  3. Password reuse

Almost every user has the habit of reusing the same password to log in to more than one account. But reusing the same old passwords only increases the threat that a single stolen password poses to the company.

Also, reusing a password across multiple websites might result in a data breach, because if attackers get hold of the credentials for one site, they will try using the same information to target other corporate accounts as well.

  4. Cloud computing

Today many businesses are flocking to the cloud as it offers enterprise advantages like cost savings and fast development. However, there are many applications and software that are based on cloud computing that are poorly secured. In fact, it was surveyed that out of 12000 cloud services, 80% allow weak passwords, which is a major password security flaw. A stolen shared password can easily provide hackers with access to valuable and confidential information of the organization.

  5. Emailed passwords

In order to collaborate with colleagues in a project or some other requirement, employees generally share passwords over emails. This practice of password sharing on emails becomes habitual due to the lack of security awareness training.

A security services firm also once reported that fewer than 20% of employees who telecommute are actually aware of the employee password sharing policy of their organization.

It is essential to make employees understand the significant risks of sharing passwords over telecommunication channels. Such practices let hackers take advantage of sent messages while they go through the hacked email account of the employee.

How Can Not Sharing Passwords Secure an Organization?

No matter where you are or whom you find the most trustworthy, habits like password sharing should not be encouraged. Even when relying on shared passwords, best practices like password reminder or password-saving tools are not 100% secure! It is just like handing over your valuables to some stranger over an application or software.

Sharing passwords at work makes not only professional data but also personal data vulnerable to cybersecurity threats. Organizations must consider implementing an employee password sharing policy to protect the confidentiality of data.

The purpose of using a password is to safeguard data or sensitive information from unauthorized access. Employees working in an organization must understand the value and risks associated with password security. The security administrator of an organization should encourage higher authorities to have GDPR compliance in place for password security.

Apart from that, every organization must provide security awareness training to its employees in order to understand the basic cybersecurity practices and how they must be followed in their day-to-day life.

Major Cyber attacks evidenced globally in Q1 2021

Cyber crime has been on the rise for years now and it is not showing any signs of slowing down. To make it worse, the arrival of the COVID-19 pandemic in 2020 just fueled the situation. Those who were expecting relief from the increasing terror of cyber crimes in 2021 are to be disappointed as the number of attacks is only increasing day after day.

We have barely crossed the first quarter of 2021 and already several major cyber attacks have made the headlines. Here is a list of some of the major cyber attacks that took place in Q1 2021:

 

#1 Channel Nine

Australian broadcaster Channel Nine was hit by a cyber attack on 28th March 2021, which rendered the channel unable to air its Sunday news bulletin and several other shows. With the unavailability of internet access at its Sydney headquarters, the attack also interrupted operations at the network’s publishing business as some of the publishing tools were also down. Although the channel first claimed that the inconvenience was just due to “technical difficulties”, it later confirmed the cyber attack.

#2 Harris Federation

In March 2021, the London-based Harris Federation suffered a ransomware attack and was forced to “temporarily” disable the devices and email systems of all the 50 secondary and primary academies it manages. This resulted in over 37,000 students being unable to access their coursework and correspondence.

#3 CNA Financial

One of the biggest cyber insurance firms in the US, CNA Financial, suffered a ransomware attack on 21st March 2021. The cyber attack disrupted the organization’s customer and employee services for three days as CNA was forced to shut down to prevent further compromise. The cyber attack utilized a new version of the Phoenix CryptoLocker malware, which is a form of ransomware.

#4 Florida Water System 

A cyber criminal attempted to poison the water supply in Florida by increasing the amount of sodium hydroxide to a potentially dangerous level. The cyber criminal was able to breach Oldsmar’s computer system and briefly increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million.

#5 Microsoft Exchange Mass Cyber Attack

A mass cyber attack affected millions of Microsoft clients around the globe, wherein threat actors actively exploited four zero-day vulnerabilities in Microsoft’s Exchange Server. It is believed that nine government agencies, as well as over 60,000 private companies in the US alone, were affected by the attack.

#6 Airplane Manufacturer Bombardier

A popular Canadian plane manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of the confidential data of suppliers, customers and around 130 employees located in Costa Rica. The investigation revealed that an unauthorized party had gained access to the data by exploiting a vulnerability in a third-party file-transfer application. Also, the stolen data was leaked on the site operated by the Clop ransomware gang.

#7 Computer Maker Acer

The globally renowned computer giant Acer suffered a ransomware attack and was asked to pay a ransom of $50 million, which set the record for the largest known ransom to date. It is believed that a cyber criminal group called REvil is responsible for the attack. The threat actors also announced the breach on their site and leaked some images of the stolen data.

#8 University of the Highlands and Islands

A cyber attack targeted the University of the Highlands and Islands (UHI), forcing the university to close all its 13 colleges and research institutions to students for a day. Security professionals uncovered that the attack was launched using Cobalt Strike, a penetration testing toolkit commonly used by security researchers for legitimate purposes. This incident is just another in a series of cyber attacks targeting the education sector.

#9 Sierra Wireless

On 20th March 2021, the multinational IoT device manufacturer Sierra Wireless was hit by a ransomware attack against its internal IT systems and had to halt production at its manufacturing sites. Its customer-facing products weren’t affected and the company was able to resume production in less than a week.

#10 Accellion Supply Chain Attack

Security software provider Accellion fell victim to a breach targeting its file transfer system FTA. Many of its clients were affected by the breach. Some high-profile organizations that got caught in the crossfire include grocery giant Kroger, telecom industry leader Singtel, the University of Colorado, cyber security firm Qualys and the Australian Securities and Investments Commission (ASIC). A lot of confidential and sensitive data stolen from various companies by exploiting the vulnerabilities in Accellion’s FTA tool was leaked online.

How to Protect Your Organization Against Cyber Attacks?

Witnessing the extent of damage cyber attacks can cause should be reason enough to take the necessary preventive measures right away. So, here are some steps you can take to reinforce your organization’s cyber security framework and keep it shielded from cyber attacks.

 

  • Generate Cyber Security Awareness: Unaware employees can prove to be an organization’s biggest weakness when it comes to cyber security. Generating awareness among your employees about the prevalent and emerging cyber threats is one of the most effective ways of protecting your business against cyber attacks.

 

  • Implement a Phishing Incident Response Tool: Educating your employees will only take you so far if you don’t equip them with the means of dealing with cyber threats. A phishing incident response tool like TAB can empower your employees to detect and report suspicious emails right away, significantly reducing cyber risks.

 

  • Carry Out VAPT: Conduct periodic Vulnerability Assessment and Penetration Testing (VAPT) to detect any exploitable vulnerabilities in your organization’s IT infrastructure including applications, servers and networks. Make sure to fix the detected weaknesses on priority.

 

  • Keep the Systems Updated: Keep all your hardware and software up-to-date with the latest security updates and patches. Failing to do so can create weaknesses in your security infrastructure and lead to cyber attacks.

 

  • Implement MFA: Enable Multi-Factor Authentication (MFA) across all the applicable endpoints of your organization’s networks. This will not only add an extra layer of security but also protect you in case your employees’ user credentials are stolen.

 

So, don’t wait for your company’s name to be on the list of cyber attack victims and take the necessary precautions immediately.

Vulnerabilities in Critical Infrastructure and its mitigation

With geopolitical tension rising in certain parts of the world along with the ambitions of cyber attackers, coming up with a holistic strategy to protect the nation’s critical infrastructure has become a priority for the enterprises handling them. Imagine what would happen if the nuclear plants or the space agencies of a country were hit by a cyber attack. The disruption caused due to a successful cyber attack on a nation’s critical agencies can be far-reaching. It has the potential of causing a major loss of money, time, and even lives. This can be illustrated by a recent incident.

After the release of the largest-ever compilation of breached usernames and passwords, COMB, a cyber attacker wrongfully entered the Oldsmar (Florida) water plant’s computer systems to poison the city’s water supply by changing its pH to dangerously acidic levels. Even though the attack was thwarted before completion, this incident has opened our eyes to the dangerous reality of such an attack being successfully executed in the future.

Tomorrow, this attack can take place in the form of manipulation of boiler pressure in a thermal power plant or a ransomware attack on the country’s top-tier healthcare institutions. All of such attacks are not only potentially life-threatening but also pose a huge risk of material damage.

Other Cyber Incidents Around the World Involving Critical Infrastructure

In February 2020, Saudi authorities reported that their public petroleum and natural gas company Saudi Aramco had seen an increase in cyber attack attempts. This public enterprise suffered a huge cyber attack back in the year 2012 when the Shamoon virus hit the facility and damaged around 30,000 computers.

A few months back, New Zealand’s central bank suffered a huge data breach, where commercially and individually sensitive information was stolen by cyber attackers.

In another event, an electricity grid in the state of Maharashtra (India) was hit by a cyber attack that resulted in a power outage. This incident took place in the month of October 2020 and the authorities suspect Chinese involvement in it.

Discussing the Deterrent

In today’s world, there is cut-throat competition between countries for production and use of resources. Therefore, it is all the more important for enterprises handling and managing the critical infrastructure to adopt a multipronged approach while planning a defense against cyber attacks.

At the organizational level, the following measures can help stop cyber attacks from affecting the enterprise:

  1. Access Management – Access management is the first basic measure that organizations should take to protect their control systems. Identity Access Management (IAM) in databases and other important IT infrastructure is necessary to limit access and prevent the misuse or leak of information.
  2. Awareness as Defense – One very effective way of preventing cyber attacks on an enterprise is to train the employees in the basics of cyber security. Cyber aware employees form a major defense against attempted cyber attacks on the enterprise.

  3. Email Domain Security – To ensure the security of an organization, it is imperative to address the cyber threats originating from its email domain. Using email domain security tools like KDMARC can be very effective in stopping spoofing of the email domain to protect the enterprise against spear-phishing and BEC attacks.
  4. Data Backup – Frequent data backup in offline locations in a segmented manner is the best approach to defend against ransomware attacks.
  5. Incident Response – Use of incident response tools can facilitate quick detection of and response to a cyber attack. A phishing incident response tool like Threat Alert Button (TAB) can be quite helpful in identifying and removing phishing emails from the employees’ inboxes.
  6. Strong Password Policy – Employees should be encouraged to use strong passwords. This applies to both their work emails and other credentials used for accessing information and operations of critical systems in the enterprise.

 

CIOs and CISOs in 2021: Key Takeaways

CIOs and CISOs with good foresight can have a positive impact on the overall cyber security outlook of an organization. Securing the organization against cyber threats is a process and every process needs a strong leader to spearhead it. A strong leader has ideas and methods to implement those ideas.

Qualities in a Good Information Security Officer

Being in charge of the cyber security of an organization, CIOs and CISOs have a great amount of responsibility on their shoulders. Even a careless mistake can result in huge losses of time and money. So, what makes a good information security officer?

  1. Innovation
    CIOs and CISOs should have the ability to adapt to the growing pace of technology as well as the threats and opportunities arising from it. They should always be on the lookout for innovative ways to make cyber security easy, hassle-free and effective.
  2. Self-awareness
    The ability to be thoroughly aware of your strengths and weaknesses is a major quality in every good leader. It applies to information security officers too. CIOs and CISOs should be well aware of what they lack and how to fill that void.
  3. Hunger for learning
    “Leadership and learning are indispensable to each other.” – John F. Kennedy
    A good leader never stops learning. The evolution of skills is a prerequisite for finding creative solutions to tricky problems.
  4. Decisiveness
    As the leader of a very sensitive department of the organization, CIOs or CISOs should be quick in making decisions. Cyber threats can proceed as a sequence of mixed events very quickly and it is imperative for information security officers to be quick on their feet when it comes to handling such situations.

Insights That Would Interest CIOs and CISOs in 2021

It is important for information security officers to figure out what needs to be done and how to prioritize each task in order to protect their organization against cyber threats. Some of the insights mentioned below would interest information security officers – 

  1. Information Security has Taken the Front Seat
    In Oct 2020, 451 Research’s Coronavirus Flash Survey revealed that information security has become a major technology objective for 44.7% of surveyed organizations due to the influence of Covid-19.
  2. Information Security Officers are Closer to Business than Ever
    Gartner’s 2021 CIO Agenda revealed the fact that as a result of Covid-19, CIOs are now working very closely with business heads of their respective organizations. The ever-increasing role of information security officers in improving the business potential of the organization has made their position all the more important.
  3. Nothing Can Replace Human Awareness
    An article published by CISO Mag in September 2020 revealed that 88% of data breach incidents are caused by employees’ mistakes. If an information security officer could prevent this from happening, imagine the overall business improvement that this will result in. It is possible for information security officers to bring about a positive change in the level of cyber security awareness in their organizations. Using security awareness tools can be a good starting point. A rational cost-benefit analysis would tell you that employee awareness will always be an important part of an organization’s cyber security policy. The benefits accruing to the organization from a more aware workforce can be HUGE!!
  4. Insider Threat is a Reality
    Covid-19 has tested our limits of patience and tolerance. While some people handle this stress well, others don’t. It is important to understand that the risk of insider threats arising from malicious intent and abuse is now greater than ever. This is largely due to job security concerns that have grown during this pandemic phase.
  5. Remote Work Culture is Here to Stay
    It is a well-known fact that many companies have now opted for remote working – covid or no covid. They believe that remote working can reduce many of their management costs. However, remote working can adversely affect the organization’s threat posture. This is one big reason for the elevated level of responsibility on an organization’s information security officers. Employee education and the use of a strong IAM (Identity and Access Management) system can go a long way when it comes to the resolution of this problem.

Cyber security has become a board-level talk for many organizations now. Avoiding the loss of business due to cyber attacks is now a business strategy. Therefore, it is upon information security officers to improve the business potential of their organizations by choosing methods that help in defending against cyber risks.

For an even better understanding of how information security officers go about their business to defend their organization against cyber threats, you can view the following webinar on the topic – How to Guard Your Organization Against Phishing in a Remote Working World?

 

The Growing Paramountcy of Healthcare Cyber Security

Over the last year, the healthcare industry has become a target of strategic interest amongst cyber criminals. Owing to its troves of valuable data, healthcare has never been as vulnerable to cyber attacks as it is now. As per a report by HIPAA Journal, healthcare institutions reported 616 data breaches of 500 or more records in 2020. Moreover, the report also revealed that 28,756,445 healthcare records were exposed.

With the arrival of the COVID-19 pandemic, hackers rapidly evolved their tactics to exploit the fears escalating amongst the population. This has spurred the need to adopt cyber security best practices for keeping pace with evolving threats, especially in healthcare. Cyber criminals have reframed their phishing attempts to launch targeted cyber attacks by taking advantage of the COVID-19 fears.

Those working on the response have become prime targets. Even the World Health Organization (WHO) and the research firms developing treatments and vaccines for the coronavirus are being targeted. Moreover, as per Becker’s Hospital Review, data breaches cost the healthcare industry nearly $5.6 billion every year.

Major Cyber Attacks on the Healthcare Industry in 2020

It’s widely believed that in 2021 the healthcare industry will continue to be the most targeted industry by cyber criminals. Here are some major cyber attacks targeting the healthcare industry in 2020:

 

  1. The year 2020 witnessed the first fatality due to a ransomware attack, when a hospital in Germany was hit in September.
  2. The UK National Cyber Security Centre (NCSC) reported that APT29 targeted COVID-19 vaccine development.
  3. The Universal Health Services (UHS) health system suffered a ransomware attack across its 400 locations in September.
  4. Data allegedly stolen from five different healthcare entities was posted for sale on the dark web by the hacking groups behind REvil, SunCrypt, NetWalker and Pysa or Mespinoza ransomware variants.
  5. UCSF paid a ransom of $1.14 million after the NetWalker ransomware affected multiple servers of its School of Medicine.
  6. In October 2020, DHS CISA issued a warning of an Emotet resurgence, problematic ransomware that has targeted 24% of the most prominent hospitals.

 

How to Protect Healthcare Institutions Against Vicious Cyber Attacks?

With the pandemic expected to continue into the foreseeable future, the healthcare industry is hounded by several cyber security issues. Cyber attacks on healthcare facilities can have consequences beyond breach of privacy and financial loss.

 

Therefore, it has become essential for these institutions to take the necessary precautions and get ahead of threats. Here are a few effective cyber security measures that can offer protection against the cyber threats plaguing the healthcare industry:

 

Enable Multi-Factor Authentication (MFA)

Implementation of MFA on all the applicable endpoints across the enterprise networks is an effective way to get rid of some of the most disastrous vulnerabilities. According to a report by Microsoft, enabling MFA can block over 99.9% of all automated account compromise attacks. With billions of stolen credentials for sale, it has become extremely important to adopt MFA as a basic security protocol. This applies not just to the healthcare industry but everywhere.

 

Vulnerability Management

Cyber criminals often exploit unpatched vulnerabilities in the IT infrastructure of their target organization to ensure the success of their attempt. Hence, it is imperative to make sure that all the security patches are updated regularly. Overlooking even a minuscule vulnerability in your organization’s security framework can have severe ramifications. Conducting periodic Vulnerability Assessment and Penetration Testing can significantly help you keep your company’s IT infrastructure free from any weaknesses, mitigating the risk of suffering a cyber attack.

 

Generating Awareness

Educating your staff about cyber risks and the ways to mitigate them is one of the most effective ways of meeting the challenges posed by the current cyber threat landscape. If every individual on staff is vigilant enough, it will be difficult for the threat actors to find an opening for an attack. Organizations can use innovative cyber security awareness tools like ThreatCop to train employees in the art of avoiding cyber attacks.

 

Backup Storage and Restoration

The best way to minimize damage caused by a cyber attack is to employ backup, offline storage and restoration. This standard security protocol is especially effective against ransomware attacks. If you are unable to prevent a cyber attack from hitting its mark in the first place, it is essential to have a plan. The next best course of action is to ensure that you have a reliable offline storage and restoration option.

 

To summarize, cyber security in healthcare is not just about protecting an organization but also protecting those they serve. Consequently, it is extremely important for healthcare providers to enforce strict security policies and keep evolving them according to the changing cyber threat landscape.

 

Astounding growth of Cybercrime in 2021

As organizations around the world continue to trudge through the disruption caused by the COVID-19 pandemic, cybercriminals keep coming up with even more menacing ways of dragging them down. According to research conducted by Cybersecurity Ventures, cybersecurity experts have predicted that cybercrimes will cost the global economy $6.1 trillion annually by 2021. With the pandemic serving as a catalyst, cybercrime is expected to soon become the world’s third-largest economy.

While the ongoing pandemic has forced an unprecedented number of people to work from home and forgo the security of a well-developed IT infrastructure, cybercriminals have marked the unwary employees as the target of choice. Organizations were compelled to innovate and adapt so swiftly that the security didn’t get enough time to catch up, leaving businesses vulnerable to the cyber threats looming across the horizon.

Statistics on Current Cyber Threat Landscape

Owing to the COVID-19 pandemic and the sudden transformation to remote work culture, cybercrimes have risen like never before and are expected to rise even more as we move towards 2021. Following are some outrageous statistics showing just how severely these cyber attacks are affecting the global economy:

 

  • As per the research conducted by Cybersecurity Ventures, within months of the first lockdown due to the pandemic, more than 4,000 malicious COVID-related sites popped up across the internet.
  • According to Cybersecurity Ventures, a cyber attack incident will occur every 11 seconds in 2021. This is nearly twice the rate in 2019 (every 19 seconds), and four times what it was in 2016 (every 40 seconds).
  • As per Cybersecurity Ventures, cybercrime is expected to cost the global economy $6 trillion annually by 2021, as compared to $3 trillion in 2015. This will soon make it the world’s third-largest economy, after the United States and China.
  • Cybersecurity Ventures predicted that ransomware damages will cost the world $20 billion by 2021, which is 57 times more than what it was in 2015 ($325 million). This makes ransomware the most rapidly growing kind of cybercrime.
  • According to Cybersecurity Ventures, 91% of cyberattacks are launched through spear-phishing emails, which infect the organizations with ransomware.

What can Organizations do to Stay Secure?

As the rise in cybercrime is showing no signs of slowing down, it is essential for organizations to take the necessary precautions to avoid suffering any losses. The three most critical aspects of any organization include its people, processes and data. By focusing their resources on protecting these three elements, organizations can arm themselves against all kinds of prevalent and emerging cyber threats.

Protecting People:

The best way of protecting your employees against cyber attacks is by educating them about the prevalent cybersecurity threats. Owing to a lack of cybersecurity awareness, employees can unintentionally cause data breaches, leaving your company at risk. A report has revealed that implementing cybersecurity awareness training amongst employees significantly reduces human error, mitigating up to 90% of cyber risks.

With the dramatic increase in cyber risks due to the transformation to remote work culture, providing your employees with cybersecurity awareness training has become more important than ever. An organization cannot protect its finances, assets and reputation from cybercriminals without spreading awareness amongst its employees.

 

Protecting Processes:

It is essential for an organization’s IT department to continually monitor, review and update all organizational processes. Employees should be made aware of the consequences of installing applications or software in their systems without the knowledge or approval of the IT department.

 

Any known vulnerabilities should be constantly monitored by the organization. Companies can provide protected and locked systems to the employees working remotely. This can be an effective way of restricting them from installing any malicious software.

 

Protecting Data:

An organization must have a firm grasp on the data that it holds, processes and passes on. As per a recent study, companies share sensitive and confidential information with more than 500 third parties. The first and foremost step an organization should take is to conduct an inventory and ensure any information is shared strictly on a need-to-know basis.

Secondly, make sure to encrypt all sensitive data including employee information, all business data and customer information. This ensures that the data becomes useless in case it falls into wrong hands. Also, always create regular backups of all your data and store it securely outside your network.

 

As the rise in cybercrime is showing no signs of slowing down, individuals and organizations alike are equally at risk. Therefore, it has become extremely important to take the necessary precautions and keep essential cybersecurity tips in mind for defending yourselves and your organizations against these threats.

Workplace importance of Cyber Security Awareness

For every organization, it is always necessary to maintain proper cyber hygiene. It is also vital for companies to remind their employees of the ongoing danger of cyber violations. Employees unintentionally cause data breaches because of a lack of cyber security awareness, which in turn increases cyber risks. This year, due to the Covid-19 pandemic, cyber risks have increased manyfold. These rising risks can be attributed to companies resorting to the work-from-home (WFH) policy. Cyber security experts have warned that it is high time to prioritize security awareness training during this Cyber Security Awareness Month. Security awareness training not only prevents workers from placing the company at risk but also makes them the first line of cyber defence for the organization.

The Importance of National Cyber Security Awareness Month

In October 2004, the world began to realize that cyber security was becoming a never-ending issue. This is how Cyber Security Awareness Month came into existence. Although it was established in 2004 to raise cyber security awareness, it has since become a critical part of our lives.

Every day millions of online users are hacked and their data is stolen from their devices. They are unaware of how to properly protect their web-equipped computers, so the National Cyber Security Association (NCSA) is helping to raise awareness on this issue.

Every year the NCSA tracks threats to the cyber security of America. The non-profit association pays attention to all aspects of vulnerabilities, from big public offices to individual home users. Anyone on the Web needs to learn how they can comfortably enjoy their cyber experience while maintaining online safety.

The NCSA helps to raise understanding and awareness during Cyber Security Awareness Month through everything from brochures and blogs to workshops and security awareness training programs.

Six Action Plans for Cyber Security Awareness Practices

1) Building Constructive Attitude among Employees: It is of utmost importance to create a strong, constructive attitude towards cyber resilience among employees. Use stories to allow people to see how cyber security integrates with their lives. Encourage uplifting stories that enable people to take control of their digital lives, at work and at home, and to enjoy some humor. Why is it so important? Because happy people will hear what you have to say more often! Use these stories all year round to get people more involved in the role of cyber security in their lives.

2) Start Interaction between IT and Employees: 75% of employees claim that they either generally or nearly always obey their IT department’s advice. IT teams just have to make sure that they consistently provide these directions to start interaction between the IT department and employees.

3) Personnel Investment in Addition to Products: Businesses need to make efforts to flexibly and continuously improve the cyber knowledge of their employees. Therefore, organizations should invest in their personnel apart from brand promotion and product manufacturing.

4) Concentrate on Reducing the Threat and Making Training Fun: Sessions for educating employees must be amusing. Customize the preparation and integrate team humor into the cyber security awareness content. Lessons must relate to the individual lives of the trainees. Personal home safety and privacy examples can be related to their day-to-day office work and organization.

5) Customize Role-Specific Training: Each employee should be equipped with the know-how and skills required to recognize specific roles and react appropriately. In an organization, employees hold different roles, department-wise. Therefore, customizing role-specific training will help to build robust threat intelligence against emerging and common cyber threats.

6) Make Cyber Awareness Practical and Accurate: Management must take up and protect the value of cyber security by direct communication with staff. When talking about the WFH policy, as an organization you must ensure that workers know how their behavior at home can also have an effect on the business. Explain the point of view of hackers. How can a person be a target? Which information on social media accounts, or other accessible information, may be of use to an intruder? What effect does it have on the organization or mission? Be specific to businesses, staff, or the community regarding their safety impacts.

Employee Attraction towards Cyber Attacks

With the rapid development in technology and ever-increasing internet users, cyber security plays a critical role in every industry. Securing the IT infrastructure in an enterprise helps in maintaining smooth workflow and consistent business operations.

In recent times, cyber crimes have become extremely sophisticated and threat actors have come up with new ways to obtain access to an organization’s systems and sensitive information. All throughout 2020, everyone was battling to overcome the onslaught of challenges brought by the pandemic.

 

However, cyber criminals saw an opportunity and wholeheartedly exploited the panic and chaos caused by the pandemic to fill their own pockets. These criminals took no time to launch back-to-back cyber attacks during the pandemic.


These threat actors left no stone unturned to target the vulnerable companies that weren’t prepared to support a remote workforce securely. As a number of well-established companies fell victim to various cyber attacks, 2020 witnessed several security incidents making the headlines.

 

Since companies are not willing to compromise on the health of their employees, remote working is expected to continue in 2021 and beyond. But the question is, how do companies survive the fight against cyber crime and secure their employees while overcoming the challenges posed by COVID-19?

 

Cyber Risks and Lack of Security Awareness Among Employees

Often organizations focus on upgrading the hardware and technologies to stay protected against cyber threats. In doing so, organizations spend millions of dollars on the latest security patches and upgrades. But just like our computers, humans store, process, and transfer information too.

 

Yet, if you compare the amount of time and money an organization spends on securing its computers and other electronic devices to the resources it focuses on securing its employees, you’ll see how huge the difference is!

 

Organizations typically invest a lot in installing antivirus and anti-spyware software as well as upgrading the operating systems, applications, and browsers. Additionally, every company has help desks, support teams, and security technical teams to maintain all this software and hardware. But how much does an organization spend on securing employees? Very little.

 

Cyber security has become a massive issue in both private and government institutions. Looking into the core of the issue, it is not really about the technology or the systems. Technology and systems have become increasingly secure over the years.

 

Employees are the actual issue. Even though it is unintentional, most cyber attacks are caused by human error, whether it is a careless click on an unsolicited link or an innocent downloading of a corrupted file.

 

How to Fix these Cyber Security Loopholes? 

It may sound controversial, but the security teams are the last line of defense within an organization. Even though these teams face many cyber security challenges, it is the employees who form the first line of defense.

 

According to a report by IBM Security, human error is the main cause of 24% of all data breaches.

 

Therefore, it is imperative for every organization to train the employees to be aware of the prevalent cyber threats. This does not mean that organizations should implement such heavy security measures that will just create chaos and difficulties for the employees.

 

Rather, every organization should come up with a solution that makes the day jobs as easy as possible for the employees while making their IT infrastructure as secure as possible.

 

Here are some effective measures you can take to secure your organization:

 

  • Discover: Start looking from a risk management perspective. Find out if there are any flaws in the organization’s cyber security framework. Conduct services like VAPT to discover and identify the loopholes within your organization’s network and IT infrastructure.
  • Practice healthy cyber hygiene: Implement basic cyber security protocols: enforce a strong password policy, enable multi-factor authentication for verification, use secure Wi-Fi, encrypt sensitive data, and regularly update the systems with the latest security patches.
  • Look out for malicious links: Think carefully before clicking on a link or downloading an attachment from an unknown source. An email can sometimes be from a threat actor impersonating a trusted individual. To protect yourself against malicious actors impersonating your email domain, set up tools like KDMARC and defend your domain against forgery.
  • Set up a firewall: As the name suggests, a firewall is a wall between the computer and the internet. It acts as the gatekeeper for all incoming and outgoing network traffic. Setting up a firewall protects the internal networks of your business against cyber threats.
  • Update on the latest risks: Keep up with the latest news on cyber hacks and threats. It helps your organization stay up-to-date with the latest cyber security-related news. It also provides you with the cyber security preventive measures that your organization can adopt to avoid becoming a victim.
  • Train Employees: Educate employees to recognize social engineering attacks such as phishing, vishing, smishing, etc., to be more aware of the cyber threats evolving around the world, and to know how to react when the need arises.

 

The Ultimate Solution to Make Employees Cyber Secure

There are several steps an organization can take to protect itself against cyber threats. However, it all comes down to how strong your organization’s first line of defense is – the employees. It has become essential for organizations to provide cyber security awareness training to their employees.

 

You can opt to educate your employees with tools that offer the most effective security awareness training materials. Such tools generate awareness amongst employees about the common cyber threats wreaking havoc around the world.

 
