Global Ransomware Attack Could Cost $193 Billion

Infosecurity Magazine | January 30, 2019

Global Ransomware Attack Could Cost $193 Billion
A major global ransomware attack could cost organizations an estimated $193bn, with those in the US worst affected, according to a new cyber-risk report. Bashe attack: Global infection by contagious malware, was produced by the Singapore-based Cyber Risk Management (CyRiM) project, of which Lloyd’s of London and other insurers are founding members. It paints a scenario not unlike WannaCry or NotPetya, in which a ransomware ‘worm’ goes global, causing untold damage. The report’s hypothetical attack begins with a malicious email directed at one organization, which is opened, triggering the ransomware download. The malware then spreads itself to connected networks and forwards itself to all contacts. The report estimates that as many as 600,000 businesses globally could be affected by such an attack, with the resulting financial damage hitting anywhere between $85bn and $193bn.

Spotlight

The emergence of IoT – the networked connection of people, process, data and things – is expected to significantly grow the number of connected devices worldwide, from billions of units we have today, to tens of billions of units expected to be deployed in the coming years as stated by several analysts.

Related News

Artificial Intelligence (AI) in Cyber Security Market Next Big Thing BAE Systems, Cisco

openpr | April 21, 2020

The globally increasing IoT adoption and the number of connected devices have simultaneously increased the risk of cyberattacks. The rising number of cybercrimes is propelling the artificial intelligence (AI) in cyber security market. Some common cyber frauds faced by large enterprises are identity and payment card thefts, these cybercrimes when not resolved on time can lead to huge monetary losses. Cybersecurity providers are significantly using AI solutions for tackling such cyberattacks by early threat detection, response time reduction, and segregation as per priority.

Read More

DATA SECURITY

Perfect storm of cybersecurity risks threatens the hybrid workplace

HP Wolf Security | November 01, 2021

HP Inc. today released its latest HP Wolf Security report: Out of Sight & Out of Mind, a comprehensive global study highlighting how the rise of hybrid work is changing user behavior and creating new cybersecurity challenges for IT departments. The research shows that a growing number of users are buying and connecting unsanctioned devices outside of IT’s purview. It also highlights that threat levels are rising, with attackers increasingly successful at bypassing defenses and tricking users into initiating attacks through phishing. All of this is making IT support more complex, time-consuming, and costly than ever. The report combines data from a global YouGov online survey of 8,443 office workers who shifted to Working from Home (WFH) during the pandemic, and a global survey of 1,100 IT decision makers conducted by Toluna. Key findings include: New Shadow IT buying and installing endpoints with security out of mind: ‘Shadow IT’ typically refers to non-IT departments deploying software beyond the purview of IT. This shadow is now spreading, with individuals procuring and connecting devices without being checked by IT. 45% of office workers surveyed purchased IT equipment (such as printers and PCs) to support home working in the past year. However, 68% said security wasn’t a major consideration in their purchasing decision, while 43% didn’t have their new laptop or PC checked or installed by IT, and 50% said the same of their new printer. Phishing becoming increasingly successful: 74% of IT teams have seen a rise in the number of employees opening malicious phishing links or attachments on emails in the last 12-months. 40% of office workers surveyed aged 18-to-24 have clicked on a malicious email with almost half (49%) saying they have done so more often since working from home. Of office workers that clicked or nearly clicked a link, 70% didn’t report it to IT – 24% didn’t think it was important, 20% cited the “hassle factor”, while 12% had a fear of reprisal or being punished. Increase in devices being compromised fuels growth in rebuild rates: 79% of IT teams report rebuild rates increased during the pandemic. Rebuild rates directly correlate to the number of endpoints that require wiping and reimaging because they have been compromised, which implies more attackers are successfully breaching outer defenses. The real figure could be higher still: 80% of IT teams worry that employee devices might be compromised and they don’t know about it. "People often don't know if they have clicked on something malicious, so the real numbers are likely much higher," comments Ian Pratt, Global Head of Security for Personal Systems, HP Inc. "Threat actors don't always announce themselves, as playing the 'long game' to move laterally and infiltrate higher-value infrastructure has proven to be more lucrative. For example, by using cloud backups to exfiltrate sensitive data in bulk, encrypting data on servers, then demanding a multi-million-dollar ransom.” Pratt continues: "It shouldn't be this easy for an attacker to get a foothold - clicking on an email attachment should not come with that level of risk. By isolating and containing the threat you can mitigate any harmful impact, preventing persistence and lateral movement." With threats rising, it’s becoming more difficult for IT teams to deliver security support. 77% of IT teams said the time it takes to triage a threat has increased in the past year, while an estimated 62% of alerts relating to the endpoint are false positives, leading to wasted time. With IT teams tied up dealing with alerts, it’s becoming harder for them to onboard employees and identify threats: 65% of IT teams said that patching endpoint devices is more time-consuming and difficult due to the mass shift to home working, while 64% said the same of provisioning and onboarding new starters with secure devices. As a result, IT teams estimate the cost of IT support in relation to security has risen by 52% in the last 12-months. 83% of IT teams said the pandemic has put even more strain on IT support because of home worker security problems, while 77% of IT teams say homeworking is making their job much harder and that they fear teams will burnout and consider quitting. “As IT continues to grow in complexity, security support is becoming unmanageable,” Pratt concludes. "For hybrid working to be a success, IT security teams need to be freed from spending hours provisioning and fielding user access requests so they can focus on tasks that add value. We need a new security architecture that not only protects against known and unknown threats, but that helps to reduce the burden to liberate cybersecurity teams and users alike. By applying the principles of Zero Trust, organizations can design resilient defenses to keep the business safe and recover quickly in the event of a compromise.” HP is helping organizations to secure the hybrid workplace by delivering endpoint security that provides teams with greater visibility and management tools. With HP Wolf Security1 organizations benefit from robust, built-in protection from the silicon to the cloud, and BIOS to browser. HP Wolf Security provides the ideal support for securing the hybrid workplace – for example HP Sure Click Enterprise2 reduces the attack surface by rendering malware, delivered via email, browser or downloads, harmless through threat containment and isolation. HP Wolf Security enables teams to deliver defense-in-depth and enhanced protection, privacy, and threat intelligence, gathering data at the endpoint to help protect the business at large. About HP Wolf Security From the maker of the world’s most secure PCs3 and Printers4, HP Wolf Security is a new breed of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services.

Read More

DATA SECURITY

Guardforce AI Bolsters its Cybersecurity and Robot as a Service Solution Services

prnewswire | November 16, 2020

Guardforce AI Ltd. ("Guardforce AI"), a confided in incorporated security arrangements supplier in Asia, reported two key activities to support its security administrations and contributions in the district. Online protection offering Guardforce AI declared today an organization concurrence with Hong Kong-based entrance testing organization Handshake Networking Ltd ("Handshake") to offer organization hazard evaluation administrations in the Asia Pacific area, hoping to catch new open doors in the flourishing business sector for online protection and oversaw security administrations in the locale. As a feature of the arrangement, Guardforce AI will dispatch GFAI RECON "fueled by" Handshake, a devoted digital danger evaluation administration to support little and medium-sized endeavors (SMEs), corporate customers, schools, clinics and different organizations distinguish and recognize weaknesses in their organizations. Asia Pacific's network safety market was esteemed at US$30.5 billion out of 2019, and it is required to enlist a CAGR of 18.3%, during the time of 2020-2025, as indicated by a report from research firm Mordor Intelligence. Digital hoodlums have gotten progressively dynamic as organizations of all sizes move increasingly more of their organizations internet, driving SMEs and huge enterprises the same to commit more assets to battle possible online dangers. "Guardforce AI is always looking to identify and partner with strategic technology providers to enhance the security of our established long-standing customer base in Thailand and capitalize on those new relationships to win new customers in Asia Pacific," said Terence Yap, Chairman of Guardforce AI. "We are continuing to see a converging trend in the physical and cyber world. As such, Guardforce AI will double down its efforts to identify opportunities and develop solutions that will enable us to remain relevant." Dispatched in 2004, Handshake offers a wide assortment of data security consultancy administrations, including entrance testing and weakness evaluation, data frameworks review, consultancy, PC crime scene investigation and security mindfulness preparing. Handshake's prime supporter and Managing Consultant Richard Stagg stated, "We are anticipating having the option to bring our data security ability to Guardforce AI's current clients, and working close by Guardforce AI to additionally build up the market for such administrations across Asia Pacific. The danger to data frameworks has never been higher, so helping organizations and associations prepared themselves for assaults and get ready successful reactions is a mission we pay attention to very". Overseen administrations development with robots Guardforce AI has likewise as of late revealed a robot as a help (RaaS) answer for the business and public areas to encourage warm imaging and temperature estimations. The organization has sent in excess of 100 robots to date in its home market in Thailand, just as in Singapore, Hong Kong, Macau and Malaysia, as a component of a methodology to venture into other security applications and oversaw security administrations and construct new repeating income streams with its current client base and key accomplices in the district. With a background marked by over 38 years in Thailand, Guardforce AI is focused on ensuring money and other high-esteem resources for government associations and organizations, including banks and retailers. Guardforce AI conveys its expert administrations all through Thailand through 21 branches and an armada of in excess of 450 made sure about vehicles. Utilizing inventive innovations that upgrade wellbeing and security, Guardforce AI assists customers with working securely in a universe of complex and advancing dangers. About Guardforce AI Co., Ltd. Guardforce AI Co. Ltd. is a leading integrated security solutions provider that is trusted to protect and transport the high-value assets of public and private sector organizations. Developing and introducing innovative technologies that enhance safety and protection, Guardforce AI helps clients adopt new technologies and operate safely as the Asia Pacific business landscape evolves.

Read More

Spotlight

The emergence of IoT – the networked connection of people, process, data and things – is expected to significantly grow the number of connected devices worldwide, from billions of units we have today, to tens of billions of units expected to be deployed in the coming years as stated by several analysts.