Carbon Black 2017 Threat Report

| June 15, 2017

article image
As the calendar shifted from December 2016 to January 2017, the prospect of a large-scale cyberattack loomed. Questions over the possible hacking of the 2016 U.S. presidential election swirled and businesses faced a growing attack vector in ransomware. In 2016, ransomware was estimated to be an $850 million crime. As we shift to 2018, questions still exist regarding the politics and possibility of a hacked democracy, but one thing is abundantly clear—2017 saw several large-scale cyberattacks including WannaCry, NotPetya, and BadRabbit demonstrating that ransomware is not going anywhere. Ransomware is now estimated to be a $5 billion crime, according to research from Cybersecurity Ventures.

Spotlight

Darktrace

Named ‘Best Security Company of the Year’ in the Info Security Products Guide 2015, Darktrace is one of the world’s leading cyber threat defense companies. Its Enterprise Immune System technology detects previously unidentified threats in real time, powered by machine learning and mathematics developed at the University of Cambridge, which analyze the behavior of every device, user and network within an organization. Some of the world’s largest corporations rely on Darktrace’s self-learning appliance in sectors including energy and utilities, financial services, telecommunications, healthcare, manufacturing, retail and transportation.Specialties: Cyber security, Cyber defense, Information security, Intelligence, Information technology, Machine learning.

OTHER ARTICLES

NCSC makes ransomware attack guidance more accessible

Article | February 28, 2020

The UK’s National Cyber Security Centre (NCSC) has updated its guidance to organisations on how to mitigate the impact of malware and ransomware attacks, retiring its standalone ransomware guidance and amalgamating the two in a bid to improve clarity and ease confusion among business and consumer users alike. The NCSC said that having two different pieces of guidance had caused some issues as a lot of the content relating to ransomware was essentially identical, while the malware guidance was a little more up-to-date and relevant. The service said the changes reflect to some extent how members of the public understand cyber security. For example, it implies a distinction between malware and ransomware even though technically speaking, ransomware is merely a type of malware. “Not everyone who visits our website knows that. Furthermore, they might well search for the term ‘ransomware’ (rather than ‘malware’) when they’re in the grip of a live ransomware incident,” said a spokesperson.

Read More

Security by Sector: Medical IoT Gets Much Needed Dose of Cybersecurity

Article | February 20, 2020

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why? Information security risks and challenges in the healthcare industry are well documented and much maligned. There are several reasons why the healthcare sector is particularly vulnerable, but one of the chief causations is the high amount of connected yet insecure devices commonly used within hospitals, clinics and medical centers. For example, a report from researchers at healthcare cybersecurity company CyberMDX discovered that connected medical devices are twice as likely to be vulnerable to the BlueKeep exploit compared to other devices on hospital networks.

Read More

COVID-19 and Amygdala Hijacking in Cyber Security Scams

Article | April 9, 2020

What races through your mind when you see “Coronavirus” or “COVID-19”? Fear, anxiety, curiosity… these internal reactions can prompt actions that we may not normally take. Recent attacks have been sending out mandatory meeting invites that ask you to log in to accounts. Others have been receiving emails to put themselves on a waiting list for a vaccine or treatment. The heightened emotions we experience when we see emails, or messages like this, may prompt us to give personal information out more willingly than we usually would. Security awareness takes a back seat as emotion takes over. It’s known as amygdala hijacking. Why does this happen to us? The amygdala is a small part of the brain that is largely responsible for generating emotional responses. An amygdala hijack is when something generates an overwhelming and immediate emotional response.Many common cyber security scams use amygdala hijacking to their benefit. We see this used often in phishing, vishing, SMShing, and impersonation attacks. Chris Hadnagy of Social-Engineer, LLC did a case study on amygdala hijacking in social engineering.

Read More

Cybersecurity Must Be Embedded in Every Aspect of Government Technology

Article | March 17, 2020

Cybersecurity has never been more important for every level of our government. The hacking attempts at major federal agencies have raised the profile of nefarious actors who use their highly advanced cyber skills to exploit both security and the vulnerabilities created by human error. Just last month, the Department of Defense confirmed that computer systems controlled by the Defense Information Systems Agency had been hacked, exposing the personal data of about 200,000 people. Additionally, the Department of Justice recently charged four members of the Chinese military for their roles in the 2017 Equifax breach that exposed the information of 145 million Americans. The hackers were accused of exploiting software vulnerability to gain access to Equifax’s computers. They are charged with obtaining log-in credentials that they used to navigate databases and review records.

Read More

Spotlight

Darktrace

Named ‘Best Security Company of the Year’ in the Info Security Products Guide 2015, Darktrace is one of the world’s leading cyber threat defense companies. Its Enterprise Immune System technology detects previously unidentified threats in real time, powered by machine learning and mathematics developed at the University of Cambridge, which analyze the behavior of every device, user and network within an organization. Some of the world’s largest corporations rely on Darktrace’s self-learning appliance in sectors including energy and utilities, financial services, telecommunications, healthcare, manufacturing, retail and transportation.Specialties: Cyber security, Cyber defense, Information security, Intelligence, Information technology, Machine learning.

Events