[metaslider id=2951] … Read More
Ransomware is the Biggest Threat for Small to Medium Businesses
Eighty-six percent Small to Medium Business (SMB) clients were recently victimized by ransomware and 21 percent report six or more SMB attacks in the first half of 2017 alone, according to Datto’s State of the Channel Ransomware Report.
Key findings from the ransomware report include:
- An estimated five percent of global SMBs fell victim to a ransomware attack from 2016 to 2017. According to 97 percent of managed service providers (MSPs), ransomware attacks are more frequent in 2017.
- According to 99 percent of MSPs, the frequency of SMB targeted attacks will continue to increase over the next two years.
- Less than one in three ransomware attacks are reported by SMB victims to the authorities, a marked improvement from one in four incidents reported in 2016. Additionally, 35 percent report SMBs paid the ransom, down from 41 percent in 2016. The total cost of ransom paid to ransomware hackers in 2017 is $301M. Of those victims that pay up, 15 percent still never recover the data.
- As a result of a ransomware attack, 75 percent of MSPs report clients experienced business-threatening downtime. Nearly 30 percent of MSPs report a ransomware virus remained on an SMB’s system after the first attack and struck again at a later time. One in three MSPs report ransomware encrypted an SMB’s backup, making recovery even more complex.
- Nearly 85 percent of MSPs who’ve dealt with ransomware report seeing CryptoLocker. Additional common variants include CryptoWall, Locky and WannaCry, which is a new addition to the list.
- Among those industry verticals who are targeted most by ransomware attacks are Construction, Manufacturing and Professional Services. SaaS applications continue to be a growing target for ransomware attacks with Dropbox, Office 365 and G Suite most at risk. Mobile and tablet attacks are also on the rise.
- While 90 percent of MSP respondents cited they are “highly concerned” about the business threat of ransomware, only 38 percent of SMB clients felt the same. This could be due to the lack of mandatory cybersecurity training across SMBs, which MSPs cite as the leading cause of ransomware infections.
Contact us to discuss protection against ransomware.
Phishing Attacks – A Concern for Healthcare
Healthcare continues to remain susceptible to cyber attacks – specifically phishing, whether it is to obtain private health information or disable their networks with a ransomware attack.
The healthcare industry relies heavily on their connectivity, probably more so than other industries and the impact of such breaches is devastating not only for the facility, but also for those who may have their personal information out in the wild. In some instances the phishing attacks are extremely sophisticated and even with training, it may still pass the inspection. A multi-layered security approach must be considered, including training, as well as endpoint protection and detection.
Contact us for more information.
Healthcare IT News – Two Phishing Attacks on Minnesota DHS Breach 21,000 Patient Records
Younger employees ‘main culprits’ for security breaches
UK senior decision makers believe younger workers are the biggest risk to cyber security, but are doing little to support them and reduce that risk, a report reveals
From ComputerWeekly.com – Warwich Ashford
More than a third of senior executives believe that younger employees are the “main culprits” for data security breaches in the workplace, a study shows.
However, the same decision makers are doing very little to allay their own fears, with more than a third of 18 to 24 year olds able to access any files on the company network, and less than half (43%) have access only to the files that are relevant to their work.
The study, conducted by Censuswide, sought the views of 1,000 next generation workers (18-24 year olds) and 500 decision makers in UK organisations.
The study examines how security, privacy and online behaviour at work impacts the lives of younger employees and the companies that they work for.
Password sharing tops the list of what keeps decision makers awake at night (56%), but 29% of younger workers reveal that they are in the driving seat when it comes to password changes, with their employers leaving it to them to decide when they need a password change. Furthermore 15% admit to sharing passwords with colleagues.
Asked how younger employees could negatively impact the workplace, 47% of decision makers worry about them sharing social media posts and the impact these could have on brand and reputation. Many have even raised issues in court regarding such issues. Employment law firms such as Dhillon Law (learn more) and others regularly deal with cases of employee misconduct, which include cases of malicious or accidental data breaches, but also of younger employees being discriminated against due to such stereotypes.
However, these concerns appear well founded with one in five workers saying they are not bothered about how their social media activity might affect their employers and 18% admitting that their posts could compromise employers’ security and privacy policies.
However, less than half say their company has social media guidelines in place, highlighting the need for strong social media access controls that follow the principles of a zero-trust approach to security, which assumes that users inside a network are no more trustworthy than those outside the network. The lack of trust may be caused by previous incidents of security breaches or leaks of information due to carelessness or malpractice. In turn, this could result in chain-reaction events that could cause further losses for the company.
Likewise, communications within digital company workspaces leave a small window for security breaches. By using a ucaas hosted voice assistant software from a company such as BCM One, such wiggle room can be minimized regarding telecommunication-based activities. The use of hired or native communication software or applications in accordance with the company’s protocols can be regarded as a precautionary step. Following these steps can result in a more secure workspace for employees.
In addition to that, companies can also consider other ways to make sure that their business communication and data are secure. The “always on” approach to technology of younger workers with no experience of an off-line world, further reinforces the need for robust security policies, the study report said. When it comes to this generation of workers, 40% of decision-makers are concerned about their misuse of devices, while 35% say they are too trusting of technology and 30% worry they share company data too easily.
While 79% of decision makers report having a strong security policy in place and 74% of them think that their employees abide by it, over a third (37%) feel that young workers are too relaxed about security policies.
Awareness of the dark web
Decision-makers also say the next generation of workers have a good awareness of the dark web (87%), underground hacking (79%) and crimeware. And although around half (48%) say they have strict guidelines in place for employees accessing these new “dark arts”, 39% feel they could be better. That is why dark web monitoring is essential in all businesses so that there can be safety checks done consistently to keep on top of any issues.
“Some may think of younger workers as always online, always ready to share information and perhaps not being as concerned about privacy or security as perhaps older workers, but we must remember they are the business leaders of tomorrow and we must help not hinder them,” said Barry Scott, chief technology officer for Europe at Centrify.
“While it’s clear that employers are concerned about this new generation entering the workforce – and see them as a potential risk to both the business and brand – these same companies are perhaps guilty of not putting in place the right security processes, policies and technologies.
“If you give employees access to any information at any time from any place, or fail to enforce strict password and security policies, they are likely to take full advantage, putting both their own jobs at risk as well as the company itself,” he said.
According to Scott, the study shows it is time to discard the old castle and moat model of “trust but verify” because it does not work in today’s mobile-first, cloud-enabled world where employees can be anywhere and work on multiple devices.
“Traditional network perimeters are dissolving and security professionals must adopt a zero-trust security approach that assumes bad actors are already on the network,” he said. “With zero-trust, we verify every user, validate their device and limit their access to only the resources they need, and use machine learning to ensure the resulting improved security has no impact on efficiency.
“Let’s be clear that zero-trust is not saying we’ve lost trust in our employees, it actually provides an enabler to allow them to work exactly the same way wherever they are, and provides the company with a stronger security posture.”
Extra mentoring needed
The study report concludes that while managers’ assumptions that next-generation workers are the root of cyber security problems in the workplace may be overstated, there are some areas, such as social media use and password management, where younger workers do need extra mentoring.
Decision makers can do more to address this problem, the report said, by putting technical controls in place (for example, businesses can look here to learn more about the aforementioned zero-trust approach), refining security policies and communicating them effectively to employees.
However, according to the report, leadership and the need for decision makers to set a good example are equally important. “If managers can demonstrate a commitment to security through their own policies and actions, then the next-generation workforce will surely follow,” the report said.
Banking Trojans replaced Ransomware as top email-based payload in Q1
The concept of infecting targeted users with banking trojans has been so successful in the recent past that in the first quarter of 2018, banking trojans overtook ransomware as the top malicious payload distributed through email.
The concept of infecting targeted users with banking trojans has been so successful in the recent past that in the first quarter of 2018, banking trojans overtook ransomware as the top malicious payload distributed through email.
In all, banking trojans accounted for 59 percent of all malicious email payloads in the first quarter of 2018 which also saw email-based malware attacks rise significantly. A new report from Proofpoint has shown that the number of firms receiving more than 50 email-based malware attacks grew by 20 percent compared to in the last quarter of 2017.
Aside from injecting banking trojans that are designed to obtain confidential information about customers and clients using online banking and payment systems, hackers are also distributing information stealers, downloaders, remote access Trojans (RATS), and other banking malware via emails to steal credentials and to use them to commit fraud or theft.
Cyber-criminals are also leveraging sophisticated malware that are adept at defeating a majority of anti-malware protections installed on targeted systems. For example, Emotet, a polymorphic malware that has the ability to evade over 75 percent of antivirus engines, has been used in 57 percent of all banking malware attacks and 33 percent of all malicious payloads in Q1.
“Trojans are effective because they exploit weaknesses on different levels. Fraudsters often bait unsuspecting users to click on links in emails that seem to be legitimate, which lead them to a fake website or to download a malicious app,” said Gerhard Oosthuizen, CTO at Entersekt to SC Magazine UK.
“These fakes can look frighteningly real, and the emails baiting users often mimic the bank’s official communications in design and tone. It makes it very hard for users to know when an email, the site they’re clicking through to, or the app they’re downloading, is legitimate.
Sophos Named Leader (again) in Gartner Magic Quadrant for Endpoint Protection
Sophos has once again been named a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, as we have been for the past decade. This year, there were one of only three in this category. This positioning confirms the ongoing innovation and impressive results of Sophos Intercept X, one of the industry’s most comprehensive endpoint protection.
Get your complimentary copy of the Magic Quadrant Report, click here,
In the report, Gartner states that the definition of an Endpoint Protection Platform (EPP) has been updated: “In September 2017, in response to changing market dynamics and client requirements, we adjusted our definition of an EPP. An EPP is a solution deployed on endpoint devices to prevent file-based malware, to detect and block malicious activity from trusted and untrusted applications, and to provide the investigation and remediation capabilities needed to dynamically respond to security incidents and alerts…Organizations are placing a premium on protection and detection capabilities within an EPP, and are depreciating the EPP vendors’ ability to provide data protection capabilities such as data loss prevention, encryption or server controls.”
“The threat landscape is evolving at an astonishing rate,” said Dan Schiappa, senior vice president and general manager of products at Sophos. “During the last 12 months alone we have seen repeated ransomware attacks that traditional endpoint protection alone cannot adequately protect against. To stay at the forefront of endpoint protection, vendors must continually analyze the landscape and innovate the approach to protection faster than cybercriminals can innovate their attack techniques. We believe Gartner’s continued placement of Sophos in the Leaders quadrant in the Magic Quadrant for Endpoint Protection Platforms demonstrates that Sophos is able to innovate and deliver solutions that organizations of all sizes can use every day. Predicting future threats is the future of security protection and the deep learning capabilities we have added to our portfolio is enabling us to do just that, more effectively than any other next-generation vendor.”
Further strengthening the advanced levels of protection within its endpoint portfolio, Sophos also announced today that it has added deep learning neural network and advanced anti-exploit technology to the newest release of its next-generation Intercept X. Intercept X can be installed alongside any traditional endpoint protection from any vendor, immediately boosting detection speed and accuracy. Sophos believes that its next-generation enduser, server, and network protection technologies will further its leadership and continue to keep customers protected as threats evolve. The advanced machine learning technology has been further developed by Sophos to enhance Sophos Sandstorm capabilities and is powering automated threat analysis in SophosLabs facilities worldwide.