Global Cybersecurity League Formed to Fight Hospital Ransomware

cointelegraph | April 02, 2020

A crack team of cybersecurity experts in 65 countries has come together to combat ransomware attacks on hospitals during the coronavirus crisis. Calling themselves the COVID-19 CTI League the community of experts aims to protect the technological infrastructure of front-line medical resources from cyberattacks. Hospitals around the world have seen a big increase in cyberattacks over the past year, in which critical IT systems are encrypted with malware. Gangs demand a Bitcoin ransom in return for the decryption key. Hospitals are often seen as soft targets, due to ageing IT infrastructure and a willingness to pay due to the critical nature of their work. Cointelegraph reported on March 30 that Ryuk ransomware continues to target hospitals and healthcare providers based in the United States.

Spotlight

Talal Abu-Ghazaleh Information Technology International IT Auditing & IT Security. Cybercrime damage costs to hit $6 trillion annually by 2021. It takes years to build a reputation and few minutes of cyber-incident to ruin it. +4,000 ransomware attacks every day. A cyber attack can cripple an organization's reputation.


Other News
ENTERPRISE SECURITY

Confluera Cloud Research Finds Cybersecurity Concern as Biggest Obstacle to Cloud and Multi-Cloud Adoption

Confluera | February 19, 2022

Confluera, the leading provider of next-generation cloud cyber attack detection and response, today released the findings of their latest research report, which explores how IT leaders detect, evaluate, and act against cybersecurity threats in today's cloud environment. The study, 2022 Cloud Cybersecurity Survey Report, showcases the perspective of 200 U.S. IT leaders at medium to large sized organizations and how they are tackling the increasingly complex remote, cloud-centric IT security landscape. The majority of organizations are accelerating their cloud adoption with 97% of IT leaders surveyed stating that their strategy includes the expansion of cloud deployments. The strategy includes expansion in scale and in many cases, the adoption of multiple platforms such as AWS, Google Cloud and Azure. This strategy is not without its challenges, however. Approximately, 63% of IT professionals identified cyberthreats designed to target cloud services as the top obstacle to their cloud strategy. Cloud and multi-cloud adoption has greatly increased the workload of already burdened IT teams. Of the 200 IT leaders surveyed, only about half of the respondents said that they are adequately staffed to manage the frequency of alerts they receive. IT teams spend 54% of their time investigating security alerts, with over half of those alerts turning out to be false or benign alarms. As threats within the cloud proliferate, IT leaders are looking for solutions to help them quickly separate the signal from the noise so they can act on the real threats promptly. Some key findings of the survey as it relates to cloud deployments are below. More than 65% of IT leaders said cloud IaaS adoption (AWS, Azure, Google Cloud, etc.) was the primary contributor to their increased workload in 2021 When asked what challenges were associated with adopting multiple cloud platforms, 69% said maintaining consistent cybersecurity coverage across all cloud infrastructures Nearly 50% said securing the resources to manage different cloud infrastructures Nearly 45% identified the difficulty detecting threats progressing from one cloud infrastructure to another "While accelerated cloud adoption continues to be a critical element in adapting to the new way of doing business, it has strained IT leader's ability to manage their workload, Organizations need to ensure proper people, processes, and tools are in place for the team to expand the complex cloud environments without sacrificing their attention to security." John Morgan, CEO of Confluera Morgan continued, "To make matters worse, the Great Resignation has demonstrated the burnout that workers across the U.S. economy are feeling, and nowhere is this burnout more obvious than in the cybersecurity teams. Organizations must ensure frequent conversations between executives and cybersecurity managers to ensure they are well equipped to adequately manage alerts, maintain systems, and avoid burnout within their teams. Other key findings include the following: 85% of IT leaders said that they experienced increased workload due to shift in work model including remote workers Nearly 70% of IT leaders said that the change in work model has made it more difficult to keep company resources secure Nearly 59% of all alert investigations turn out to be false alarms or benign activities 90% of IT leaders said they create threat storyboards but close to 60% rely on third-party services to create storyboards after the incident Not all findings in the report were so glum, however. In a positive sign, 84% of IT leaders were optimistic about their cybersecurity readiness for 2022. The majority of respondents note the availability of new cybersecurity tools as the reason for their positive outlook, with 59% saying that a Detection and Response solution for the cloud, or CxDR, is the innovation they are most excited about for future deployment. "2021 was a tough year for many IT leaders, but the market is now providing organizations with the tools they need to effectively manage the infrastructures they have and even expand them further," added Morgan. "Given proper resources and effective communication, IT leaders have every right to be positive as we move into the new year." About the Study Confluera commissioned an independent research firm to survey U.S. IT leaders using a national network of verified panel providers. A total of 200 respondents completed the survey, which was conducted between December 3-7, 2021. Those surveyed included those with senior titles, including Manager, Director, and VP/C-level. The margin of error for this study is +/-5.9% at the 95% confidence level. About Confluera Confluera is the leading provider of next-generation Cloud eXtended Detection and Response (CxDR) solutions. Recognized by Forbes as one of the Top 20 Cybersecurity Startups to Watch in 2021, Confluera's storyboard technology automates cyber attack analysis making small and large security teams more efficient. The solution has unprecedented visibility of attacks in the cloud and modern application architectures, reveals threats in real-time, and will shut down advanced multistage attacks.

Read More

DATA SECURITY

Security Tops Retailers’ Wish Lists this Holiday Season

Futurex | November 17, 2021

Record sales expected in 2021, along with hackers; Futurex recommends point-to-point encryption for retailers to protect cardholder data BULVERDE, Texas, November 17, 2021 — As we enter the biggest retail season of the year, transactions are increasing, as are the numbers of hackers and skimmers — targeting shoppers’ cardholder data. The last thing retailers need to worry about is cyber threats that lead to ransomware or data breaches, as they welcome shoppers and juggle supply chain disruptions. Futurex, a leader in hardened, enterprise-class data security solutions, recommends retailers implement point-to-point encryption (P2PE) to encrypt cardholder data at the point of sale to keep it safe from malware that might be spying on network traffic and capturing credit card numbers. Futurex secures transactions for several of the nation’s largest retailers, protecting shoppers’ sensitive cardholder data and payment information. U.S. retail sales now through December are expected to grow 10.5% to a record $859 billion, compared to 2020, according to the National Retail Federation. Meanwhile, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about the increase of cyber threats, including ransomware, around the holidays. “Behind every gift, every purchase, and every payment, retailers and consumers depend on secure transactions to protect payment information,” said Ryan Smith, vice president, global business development, at Futurex. “As the critical security backbone of the global financial ecosystem, we work with the world’s largest retailers and financial institutions to safeguard data in transit and at rest." The use of hardware security modules (HSMs) in transaction processing is critical, as payment HSMs provide the cryptographic functions needed to support end-to-end data security, including encryption and cryptography key management. In a compliant P2PE environment, sensitive data is encrypted from the point of interaction and decrypted only within the secure boundary of a FIPS 140-2 Level 3 or PCI HSM-validated HSM. Learn more about point-to-point encryption. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

DATA SECURITY

S2W has signed contribution agreement with INTERPOL for CTI solution XARVIS ENTERPRISE

S2W | January 03, 2022

Data Intelligence company S2W announced that INTERPOL has recently signed a contribution agreement introducing S2W's cyber threat intelligence (CTI) solution "S2-XARVIS ENTERPRISE" to strengthen its ability to analyze new cyber threats such as dark web and ransomware. S2W has been supporting INTERPOL to identify and prevent "third-world dark web crimes" as part of its "binding the gap among member countries for a safer world," and recently conducted international ransomware organization arrest operation such as Revil, Cl0p, and GandCrab. "INTERPOL is strengthening the use of advanced information and communication technologies such as artificial intelligence and big data and expects that the introduction of S2W's cyber threat intelligence (CTI) solution – S2 XARVIS Enterprise will directly help to prevent nationwide cybercrime through real-time threat detection and dark web/deep web coverage," Robert Han, Head of Global Business of S2W Sangduk Suh, CEO of S2W said "We are focusing on providing services to institutions and companies so that we can build a strong security environment using threat intelligence (TI) information, and through this, we will contribute to eradicating international cybercrime." About S2W S2W is a Data Intelligence company, established in 2018, that extracts and provides actionable intelligences optimized for each client's needs from numerous data. Specialized intelligence provided by S2W can cover multiple industries with its unique data collection and big data analysis for the Dark Web and Deep Web. S2W solutions protect clients from various cyber threats and data leakage, such as personal information, financial information, confidential information within organizations through top-notch data collection and detection technologies.

Read More

DATA SECURITY

IT-Harvest Launches the Analyst Dashboard for Cybersecurity

IT-Harvest | March 31, 2022

IT-Harvest, a data-driven industry analyst firm, announces the launch of an SaaS application for tracking and analyzing the entire cybersecurity industry. Some data will be published for free at dashboard.it-harvest.com. Subscribers will receive access to all the data assembled over a decade by IT-Harvest, including category, subcategory, headcount each quarter, investments, and key executives. Using the data on each of the 2,850 vendors worldwide, it is possible to compare countries, states, and regions. For instance, there are 1,567 cybersecurity vendors in the United States, 357 in the EU, and 236 headquartered in Israel. California is currently home to 560 cybersecurity companies. "The launch of this app is the realization of a 17-year journey to create an analyst firm that could offer more than opinions and reports. Subscribers get access to all the data we use in our research and reports. They can do their own analysis to test an investment thesis, find targets for acquisition, or create a short-list of vendors for a particular technology they are looking to acquire." Richard Stiennon, Chief Research Analyst at IT-Harvest In addition to the data, subscribers are purchasing a seat for advisory services, much like with a traditional analyst firm. IT-Harvest analysts are available for inquiries on markets, technology, and vendors as part of the annual subscription. The data available in the Analyst Dashboard is printed every year in the Directory in Security Yearbook available at www.it-harvest.com/shop. IT-Harvest tracks headcount at all cybersecurity vendors to identify fast growing companies and segments. That data is updated quarterly in the Analyst Dashboard and presented in a Leaderboard sorted by growth over the past quarter and calendar year. Subscribers can add any number of vendors to a watchlist and get email alerts when data on a company is updated. This could include new funding, a change in the executive team, inclusion in a research report, or an acquisition.

Read More

Spotlight

Talal Abu-Ghazaleh Information Technology International IT Auditing & IT Security. Cybercrime damage costs to hit $6 trillion annually by 2021. It takes years to build a reputation and few minutes of cyber-incident to ruin it. +4,000 ransomware attacks every day. A cyber attack can cripple an organization's reputation.

Resources