IT - Security

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019, and more than 542% compared to the last quarter, as published in the Nexusguard Q1 2020 Threat Report.

"DDoS attacks have become a global risk, and as attacks continue to increase in complexity, further spurred by the pandemic, ISPs will have to strengthen their security measures.

Undetectable and abnormal traffic patternss

While DDoS attacks disrupt service for large companies and individuals alike, ISPs face increasing challenges to curb undetectable and abnormal traffic patterns before they evolve into uncontrollable reflection attacks.

Generally considered the 'off season' for DDoS attacks, researchers attribute the surge in incidents to malicious efforts during the COVID-19 pandemic, as consumers become dependent on online services and working from home has become the new normal in an effort to prevent the spread of the virus..."

Fraudsters are becoming increasingly adept - here's how to stop them

"Identity theft has been a huge problem for a long time now, however fraudsters are now getting more sophisticated and trying to stay one step ahead.

In the unprecedented midst of a pandemic, we are seeing a sharp increase in all types of fraud. Experienced fraudsters are exploiting the current chaos and sadly we are seeing more people turn to fraud in an attempt to boost their income.

As well as personal identity theft there has been an increase in businesses falling victim to identity theft. This can be as simple as your website being spoofed or emails being intercepted and payment details amended..."

Automating It Security
ComputerWeekly, July 20th, 2020
IT security's battle with the hacking community has always been a game of cat and mouse, but it's becoming increasingly automated

"A study from Forrester recently warned that IT security professionals are becoming increasingly concerned about the rise in cyber crime powered by artificial intelligence (AI).

The study, commissioned by Darktrace, reported that close to 80% of cyber security decision-makers anticipate offensive artificial intelligence (AI) to increase the scale and speed of attacks.

In addition to their quickness, 66% also expect offensive AI to conduct attacks that no human could conceive of. The study warned that these attacks will be stealthy and unpredictable in a way that enables them to evade traditional security approaches that rely on rules and signatures and only reference historical attacks..."

Cybersecurity Lessons From The Pandemic
Dark Reading, July 20th, 2020
How does cybersecurity support business and society? The pandemic shows us

"There is absolutely no absolute security. Nature is designed in a way that things can and eventually will go wrong. This is true both for pandemics and cybersecurity incidents. The world wasn't fully prepared for a pandemic like COVID-19. We didn't know COVID-19 would strike the way it did or the extent to which it would affect the world and our society.

That's also true for security incidents and cyberattacks. There are cyber threats out there that we know exist. We prepare for those and implement security controls to protect our business and society from these known inevitable threats..."

89% of security professionals are most concerned about phishing, web and ransomware attacks. This is especially alarming, considering that only 48% confirm that they have continuous visibility into the risk area of phishing, web and ransomware, a Balbix report reveals

"The findings also determined that 64% of organizations are only, at best, somewhat confident in their security posture, and that the lack of visibility into security is the primary concern for organizations. Specifically, 46% find it hard to tell which vulnerabilities are real threats vs ones that will never be exploited.

Limited visibility of the overall attack surface (37%), and the burden of being inundated with far too many alerts to act upon (25%) were found as additional significant concerns..."

The 10 Biggest Data Breaches Of All Time, July 23rd, 2020
We expect websites, online stores, payment companies, and especially banks to look after the personal data we submit. After all, we've given them their custom, used their online service - it's the least they can do

"And yet, on an almost monthly basis, we learn about new security breaches, where hackers have somehow infiltrated the security precautions of large organizations and stolen a large proportion (if not all) of the customer data.

If you've been hit by ID fraud, cybercriminals might have used leaked records. Wondering if your records have been leaked? Here are the 10 biggest data breaches to date (compiled by Purdue University).

  • We've compiled a list of the best secure VPN providers
  • Stay safe in the cloud with the best cloud antivirus
  • Also check out our roundup of the best identity theft protection

1. Heartland Payment Systems

Affecting at least 100 million people, this hack wasn't detected for 8 months. Hackers stole enough data to create new physical cards. Heartland Payment Systems was forced to pay $140 million in fines and penalties..."

There's a predictive relationship between responsible privacy practices and security outcomes, according to Osano

Companies with inadequate data privacy practices are 80 percent more likely to suffer a data breach than those with the highest-ranked privacy practices and will face fines seven times larger than companies with the best scores in the event of a data breach.

Privacy issues

  • Companies with the lowest privacy scores lost 600% more records than high-scoring companies.

  • The worst privacy actors are the least likely to be able to retrospectively identify the root cause of a breach.

  • Of the entities that get breached, governments have the worst scores.

  • Educational and government websites are 15x more likely to experience a breach than commercial sites.

'In the face of nonstop breaches and increased data security awareness, consumer and shareholder confidence in businesses is slowly eroding. Businesses that fail to protect sensitive data will face serious negative consequences, and the report proves just how these phenomena move hand-in-hand.' said Osano CEO, Arlo Gilbert..."

See all Archived IT - Security articles See all articles from this issue