Platform Security
PR Newswire | October 26, 2023
OpenText (NASDAQ: OTEX), (TSX: OTEX), today announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years OpenText Cybersecurity threat intelligence experts have analyzed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals.
This year four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit.
A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities, said Muhi Majzoub, EVP and Chief Product Officer, OpenText. There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom.
This year's list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target.
2023 Nastiest Malware
Cl0p, a RaaS platform, became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software. MOVEit victims include such notable organizations as Shell, BBC, and the United States Department of Energy.
Black Cat, recognized in our 2021 Nastiest Malware report, believed to be the successor to REvil ransomware group, has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts.
Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data.
Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt.
Lockbit 3.0, a main stain on the list and last year's winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.
Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately.
To learn more about the findings of this year's Nastiest Malware analysis, visit the OpenText Cybersecurity Community, as well as tune in to our Nastiest Malware Webinar.
Read More
Software Security
PR Newswire | October 16, 2023
BT and Google Cloud today announced a new partnership focusing on an enhanced commitment to cybersecurity innovation. Serving customers in more than 180 countries and with a team of 3,000 security professionals, BT works with the security industry's leading vendors to provide managed security solutions to private and public sector organisations around the world.
As part of the partnership, BT will become a managed services delivery partner for Google's Autonomic Security Operations (ASO) offering based on Google Chronicle. ASO is a holistic framework that combines principles, practices, and tools that enable organisations to take an adaptive and automated approach to threat management. Underpinned by Chronicle's peta-byte scale detection, a data lake powered by Google Cloud's data and analytics platform BigQuery, and rich, compelling analytics via Looker, the solution decreases the time to detect and respond to threats—which is essential in the face of the increasing volume and complexity of cyber-attacks.
Customers will benefit from the new partnership by gaining the technological capabilities of Google Chronicle, combined with BT's track record of delivering cybersecurity services to organisations with complex estates and requirements. Customers will be supported by experts from BT's Security Advisory Services team, who leverage BT's deep experience in security operations and integration to help organisations ensure that they have optimised their wider security architecture to fully align with their priorities and ambition.
Combining Google Chronicle's capabilities with BT's view of global networks and experience of providing managed security services is a really exciting prospect. The ASO solution will help our customers to rapidly identify risks and automatically enhance their cyber defences—providing the speed that's essential to combating cyber-attacks. It represents the first step in our partnership with Google Cloud on cybersecurity, with both companies committed to providing new innovations and solutions that help organisations stay ahead of an increasingly threatening cyber threat landscape, said Tris Morgan, Managing Director, Security at BT.
"Our partnership brings the best of BT's experience in deploying big data-based security platforms with Google Cloud's innovative security capabilities to help our multinational customers transform their approaches to cyber risk management in the face of a rapidly changing threat landscape," said Magali Bohn, Global Director, Partnerships & Channels at Google Cloud Security.
The partnership builds on BT Group and Google's existing relationship to house BT Group's data in Google Cloud to support its analytics and AI ambitions. BT and Google Cloud will also seek to incorporate solutions from Mandiant, a market leader in threat intelligence solutions acquired by Google in 2022, as an additional aspect of the partnership. Finally, BT is working with Google Cloud to trial Google's Vertex AI and Duet AI capabilities.
Read More
Enterprise Security
Honeywell | September 11, 2023
Honeywell has announced that it's the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, protecting end-user data from advanced cybersecurity threats.
Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness.
Honeywell's new Smart Energy and Thermal Solution products powered with Quantum Origin are now available to North American and European customers.
Honeywell recently made a groundbreaking announcement that it is the first company to incorporate quantum-computing-hardened encryption keys into smart utility meters, a move that provides advanced protection for end-user data against cyber threats. To achieve this, Honeywell will leverage Quantinuum's Quantum Origin technology to not only enhance data security but also contribute to building greater reliability and trust in the evolving utility sector.
The enhanced security utility meters establish a new standard for safeguarding against data breaches and ensuring the uninterrupted operation of water, gas, and electricity utility infrastructure for both commercial and residential applications.
Quantinuum's Quantum Origin provides an advantage over conventional solutions by generating keys with quantum-computing-enhanced randomness, thereby rendering them truly unpredictable and substantially enhancing the data security of utilities' end users.
No other organizations in the smart meter market presently offer quantum-hardened encryption protection. The incorporation of this technology into Honeywell's Smart Energy and Thermal Solutions' products will assist in addressing the industry's expanding data security requirements, especially as they pertain to critical infrastructure.
President of Smart Energy and Thermal Solutions at Honeywell, Hamed Heyhat, said,
By integrating Quantinuum's quantum-computing-hardened encryption technology into our smart meters, we are advancing data security for our customers and helping to shape the dialogue on how the utility industries should approach cybersecurity in the quantum era.
[Source – Cision PR Newswire]
Hamed Heyhat emphasized the significance of continuous innovation in enabling customers to stay ahead of the ever-changing threat landscape. It was noted that such a level of protection is crucial in our progressively digital and interconnected world.
Tony Uttley, President and COO of Quantinuum, mentioned,
Our work with Honeywell demonstrates the importance of using the power of today's quantum computers to create a more resilient cyber infrastructure to better protect customers.
[Source – Cision PR Newswire]
Smart Energy and Thermal Solution products from Honeywell with Quantum Origin are now available to North American and European customers. The collaboration will strengthen Honeywell's position as an industry-leading provider of innovative and secure solutions for the utilities industry.
Read More