Tag: Cybersecurity
‘Shadow IT’ poses a rapidly growing risk
The use of ‘shadow IT’, where staff purchase software without the approval of their IT department, is still on the rise. Despite being acutely aware of the cyber risks involved, three-quarters of security professionals admit to using off-the-shelf software-as-a-service (SaaS) applications in the last year. According to a survey of over 250 global security professionals carried out by cybersecurity firm Next DLP, 73 percent admitted to using SaaS applications, with over half of the respondents naming data loss (65 percent), lack of visibility and control (62 percent) and data breaches (52 percent) as the chief risks inherent in using unauthorized tools. One in ten also admitted they were certain their organization had suffered a data breach or data loss as a result.
Russian gang shuts down two Indiana counties
Clay County, Indiana, in the US, is sounding a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America. “Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.
Public sector phishing attacks increase fourfold
With national elections coming up later this year, US public-sector organizations are experiencing unprecedented levels of phishing attacks designed to dupe government staff into opening weaponized links in fake emails. According to email security firm Abnormal Security: “Between May 2023 and May 2024, public sector organizations experienced an astounding 360 percent growth in phishing attacks. While phishing tends to consistently increase each year and regularly accounts for the majority of advanced threats, this level of growth is extraordinary.”
Exclusive: Expanding AI data centers have become tempting targets
Big Tech’s rapidly-expanding server farms are becoming increasingly tempting targets for ransomware gangs. In their Gadarene rush to be first with AI-based services, companies such as Google and Microsoft are not only abandoning any previous pretences about reducing their greenhouse emissions and energy consumption, they are also inadvertently building increasingly tempting targets for organized cybercriminals and nation-state threat actors. The online industry’s vast data centers and server farms run on similar operational technology (OT) systems to other industrial facilities. Originally designed to run offline, these systems are notoriously difficult to secure, particularly when they need to interface with newer information technology (IT) systems.
Exclusive: Deepfakes being used to manipulate share prices
Cash-rich cybercriminals are learning that the easiest way to make money on the stock markets while laundering cash at the same time is to use deepfake videos to impact share prices, albeit temporarily. According to Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight: “Using video and audio deepfakes to manipulate share prices for financial gain is definitely happening, but is something no one is currently talking about.” “Using a deepfake to announce a takeover could, for instance, drive up a stock in which the threat actor owns shares. Alternatively, a negative announcement such as a dire profits warning could be used to lower the share price so that the threat actor could buy the shares at a knock-down price, only to sell them again when the profits warning was seen to be fake” adds Grieveson.
Exclusive: Banks face a growing physical security threat
Banks, traditionally the main target for cybercriminal groups, are now being attacked not only by new online hacking techniques but also by a growing range of physical hacking tools and techniques. While financial institutions have high levels of cybersecurity and strong physical security, they currently face a growing threat from combined physical and digital assaults. “Physical security and cybersecurity convergence in the business environment. A favorite weapon in the hacker arsenal is the Flipper Zero, an inexpensive pocketable device that enables you to hack into nearby smartphones and IT systems,” says Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight.
Levi’s breach exposes 72k customer details
Over 72,000 US consumers may have had their account details compromised following a cyber-attack on denim clothing giant Levi Strauss & Co. Almost two weeks ago, on June 13, Levi’s spotted an unusual spike in activity on its consumer-facing website and immediately realized its users were under threat. “Our investigation showed characteristics associated with a “credential stuffing” attack where bad actor(s) who have obtained compromised account credentials from another source (such as a third-party data breach) then use a bot attack to test these credentials against another website – in this case www.levis.com,” said Levi’s in a published notice detailing the data breach.
US to block use of Chinese semiconductor equipment
The US Congress has introduced a new act to prevent the Chinese and “other foreign entities of concern” from infiltrating the US’s domestic chipmaking industry. The bill, the Chip Equipment Quality, Usefulness, and Integrity Protection Act of 2024 (Chip EQUIP Act), follows on from the CHIPS and Science Act, enacted in 2022, which earmarked roughly $280 billion in new funding to boost US domestic research and manufacturing of semiconductors. It included $39 billion in subsidies plus tax breaks for US chipmakers. However, China has recently matched this with a new $40 billion investment in its own semiconductor industry, which will heavily focus on chip manufacturing equipment. In April, Chinese tech giant Huawei announced investing in new R&D capabilities to rival US, Japanese, and Dutch firms.
AI-engineered email attacks are on the rise
Email scams aimed at business users are becoming increasingly sophisticated and increasingly tough to detect. Threat actors are now using artificial intelligence to research their targets in advance of an attack, a process known as ‘social engineering.’ Phishing attacks and email scams that appear to come from a trusted source make up 35.5% of all socially engineered threats, according to a report from cybersecurity firm Barracuda: Top Email Threats and Trends. Although these types of attacks have been around for some time, cybercriminals have recently devised ingenious new methods to avoid detection and being blocked by email-scanning technologies.
Healthcare attack exposes 200,000 Los Angeles patient records
The Los Angeles County Department of Public Health has been breached by a cyber-attack that has compromised the personal information of over 200,000 private individuals. This is the latest breach in a series of major cyber-attacks on the healthcare sector. As with so many breaches, the Los Angeles County breach was the result of a phishing attack aimed at unsuspecting staff. The attack enabled a hacker to gain the log-in credentials of 53 public health employees and subsequently compromised the personal information of 200,000 patients. According to the LA County Department of Public Health: “The information identified in the potentially compromised e-mail accounts may have included DPH clients/employees/other individuals’ first and last name, date of birth, diagnosis, prescription, medical record number/patient ID, Medicare/Med-Cal number, health insurance information, Social Security Number, and other financial information.”
Cyber Tsunami Set to Overwhelm Paris Olympics
The Olympic games, which kick off in Paris towards the end of next month, are expected to attract over 15 million visitors to the French capital and generate around €11 billion. But there are also growing fears that the four-yearly global event will be the target of a tsunami of cybercrime and terrorism. “The Tokyo Games in 2021 suffered 450 million computer attacks. Paris expects eight times more!” says the networking giant Cisco, an official partner for Paris 2024.
Microsoft Pauses AI Copilot+ Feature Rollout Due to Safety Concerns – June 14th
Microsoft revealed that it's placing the AI-powered Copilot+ feature for PCs on hold due to critical safety concerns. "We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security," Microsoft said in an update.