Stay updated with the latest cybersecurity news!
July 15, 2020
Levels of cybercrime have increased recently, he said, noting “a 6,000% increase in spam linked to Covid” at the height of the pandemic. He then cited some frightening examples. One was an email sent to people “desperate for PPP [the US Paycheck Protection Program]. It installs malware on their computers, steals all their information [and] says, “If you don’t pay us a ransom, we’ll infect you and your family with Covid-19,” he said.
Another “claims to be a member of the World Health Organization and is installed to capture everything you do on your computer”. His conclusion? “Cybercrime is one of the fastest growing businesses today.”
Allegations of state-sponsored cyberattacks have hit the headlines in recent weeks. The FBI (and the White House) have accused China of using digital espionage to steal research on a Covid-19 vaccine, while Australia has exposed China for widespread cyberattacks.
But, as Mantas says, the most striking trend is the explosion of attacks against businesses and individuals. And although minorities in the United States, who may be less aware of the risks and more nervous about approaching the authorities, seem particularly vulnerable, the assault is felt by almost everyone, almost everywhere.
Hundreds of tools are available to secure various elements of applications portfolio, from locking down coding changes to assessing inadvertent coding threats, evaluating encryption options and auditing permissions and access rights. However, historically many developers care so much about programming features into their systems and using leading-edge development platforms that security often becomes an afterthought or falls by the wayside.
More recently, studies witnessed the shift from data theft to data encryption by ransomware, as attackers discovered that the person willing to pay most for the data is the original owner. In addition to this major trend, it has become obvious over the years that old attacks and vulnerabilities never quite disappear.
Microsegmentation is a method of heightening network security by logically splitting up workloads and data centers by implementing granular segmentation policies. Typically, organizations invest the majority of their resources in securing their network from external attacks through the use of firewalls or intrusion prevention systems. However, if a breach occurs, intruders will have access to all of the information in the entire data system. In addition, actors who already have internal access would be able to access the entire data system, while they should only have access to parts of the system relating to their responsibilities.
Passwords are the first defense to protecting private information. It is important to implement strong passwords to make it difficult for outsiders to breach that wall and gain access to sensitive information. Having a weak password leaves not only the user at risk, but when dealing with a company managing any private data, the company is susceptible to hacking which can cost thousands of dollars or even millions of dollars.
24By7Security, Inc. is a full service Cybersecurity strategy, implementation, operations and training firm. We provide Cybersecurity and Compliance related services across all functions of the enterprise. Our Cybersecurity services include security risk assessments, vulnerability assessments and penetration testing, social engineering testing, web application testing, policies and procedures, incident response management, forensics, cybersecurity awareness training, and more. Our Compliance services include CFPB/DFA, FIPA, FERPA, SOC-SSAE 18, GLBA, HIPAA, PCI, SOX, GDPR, HITRUST, ISO 27001, FFIEC, NIST-CSF, NYDFS Cybersecurity Regulations and others.