Microsoft researchers say that Russian cyber attacks in March against a television broadcaster and a nuclear plant directly preceded military action directed at those targets.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Advancements such as Infrastructure as Code, DevSecOps and Security as Code are making a difference in the world where the most life-critical organizations release new code hourly.
Cybercrime outfits are increasingly shifting to highly structured and advanced fraud operations, with "scams-as-a-service" models that reflect the similar offerings for other attack types such as ransomware.
The Philippines government is considering reviving a previously-vetoed bill that would mandate SIM card registration due to rampant phishing scams that are difficult to trace. Country's two biggest carriers, PLDT and Globe, already blocking over a billion scam messages.
In 2018, 351,936 complaints were filed with the FBI, averaging around 900 a day, and these successful internet crime schemes resulted in about $2.7 billion in personal and business losses.
Improving cybersecurity maturity can be a struggle for organizations at every level as the industry collectively grapples with skills shortages and a complex threat landscape. Building a mature development organization can strengthen overall security.
Verizon's annual mobile security report paints a picture of a landscape increasingly dependent on mobile devices to get work done, this pattern has been driven primarily by the pandemic conditions.
Okta has warned about social engineering attacks by sophisticated actors targeting super administrators by tricking service desk staff into resetting multi-factor authentication for privileged users.
Tripwire report finds that IoT security is a major issue at nearly every company; 99% of respondents have security challenges, and over 75% report problems fitting these devices into their present security approach.
Brazen robbery by crypto hackers cost users of a DeFi platform a collective $610 million, but only for a little while. Hackers have since returned all but $33 million in assets.