Brazen robbery by crypto hackers cost users of a DeFi platform a collective $610 million, but only for a little while. Hackers have since returned all but $33 million in assets.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure, to name just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security (access control, cameras, alarms and so on), there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
ENISA says software supply chain attacks will quadruple in 2021, causing widespread impact as threat actors deploy more sophisticated techniques, making strong cyber defenses ineffective.
Employees are continuously deemed the “weak link” in any organization's cybersecurity simply because convenience is nearly always chosen over security. How can we shift this dynamic?
State of Threat Hunting report says half of organizations suffered cyber attacks from repeat hackers after failing to resolve a previous compromise or defend against new attacks.
Documents leaked to Vice's Motherboard magazine indicate that, between 2018 and 2020, Google fired at least 80 employees for data misuse. At least a few involve employees accessing user accounts and manipulating or deleting the data of other employees.
To prevent a true calamity, we need to bolster our cyber resilience by evolving our approaches and responses to cyber threats, be they ransomware or state-sponsored attacks, by using extensive scenario planning and wargaming.
Hackers are exploiting a 12-year-old router vulnerability existing in the Arcadyan firmware, potentially affecting millions of devices on home and corporate networks, and exposing serious supply chain risks.
One overlooked aspect of continuous testing is its potential for the automation of security checks. By utilizing the automated power of continuous penetration testing, a company would no longer need to waste the precious time of their employees.
Ransomware attacks and cloud security are two of the most persistent cyber defense issues today. CISA is taking a major step in expanding public-private partnerships with a new initiative.
The pandemic accelerated the transition to cloud-based systems for many organizations. Unsurprisingly, there's an uptick of phishing attacks as cybercriminals took advantage of our collectively distracted attention spans and less-than-stellar security practices.









