Weekly Security Roundup #30: Don’t Be a Teenager in Denial about Cyber Security
Understanding cyber security might make you feel like a teenager.
You might be confused, your perspective on things might be proven wrong and things will change all the time.
So we do we try to make this easier for you?
Because you can’t really afford not to care about cyber security, no matter if you’re a user, just like me, or a corporation like General Electric.
If you want to get educated about cyber security – either on a basic or a more advanced level – I’ve put together a list of 50 Cyber Security Online Courses You Should Know About.
How will “getting” cyber security help you?
It will make you savvy about the dangers around you, it will make you aware of cyber threats and it will keep you and your loved ones safe from harm.
As the world around us is ever more connected to the Internet, threats multiply faster than in any sci-fi scenario.
But don’t take my word for it!
Just read the 10 cyber security stories that sum up what happened in the last week:
Security articles of the week
- Miscellaneous errors, such as sending an email to the wrong person
- crimeware (various malware aimed at gaining control of systems)
- insider/privilege misuse
- physical theft/loss
- Web app attacks
- denial-of-service attacks
- point-of-sale intrusions
- and payment card skimmers make up the most of cyber attacks on companies around the world.
The information has been published in the recent Verizon 2015 Data Breach Investigations Report, along with more proof that supports the following observation: cyber attacks and cyber threats are more and more sophisticated and dangerous!
“Good bots” (that provide value to the website they visit) accounted for 36% of traffic this year, up from 21% last year, according to recent statistics. But “bad bots” (used for cyber attacks) were responsible for a huge half of all bot traffic: 23% of Internet traffic this year.
The danger? “They continue to try to adapt their behavior based on what’s getting them caught.”
If you don’t take wireless security seriously, this will make you change your mind: “tens of thousands of home routers have been infected with malware, and are being used by hackers to launch distributed denial-of-service (DDoS) attacks“. You may not be infected (yet), but your resources can be used to launch powerful attacks on others. Give that some thought!
4. No malware was used in this attack. But legitimate Windows file functions and a few homemade scripts were
The oil and gas maritime transportation industry was hit by an especially elusive type of attack that used no malware. According to Panda Labs, “the attackers are stealing information from oil cargo organizations and then using that information to pose as legitimate firms in scams against oil brokers.” Of course antivirus did not detect this attack, and credentials were stolen without malware. Yet another reason to worry about sophisticated forms of attack.
I can’t help but agree with Peter Berlich on his point about staying lean in security. Security should be a priority to all decision makers in an organization, if they value their assets and the company’s value. If the cyber security specialists can’t move fast, it can become fatal to the company’s reputation and performance.
This number is definitely higher: “20% of personnel have witnessed a company hide or cover up a breach.” Companies don’t like to admit they’ve been breached, unless it’s something that can’t be swept under the corporate rug. That’s exactly why prevention should be key. By 2020, the average cost of a data breach will exceed $150 million, so there’s really no time to waste!
Our humanity is one of the biggest security flaws. This is especially obvious in the latest scam targeting a widely used service, such as Yahoo Mail. And although 2-step verification has been around for a while, the majority of users are yet to adopt it. I really hope examples like these can increase adoption.
Celebrities are a constant target for cyber criminals, but Jamie’s team doesn’t seem to have learned too much from the 2 attacks that have hit the chef’s website earlier this year. Jamie’s website has been compromised for the 3rd time in 2 months, serving users a big plate of password-stealing malware. And Celine Dion isn’t too far behind either, with a spam problem looming over her. Dear celebrities, it’s time you really understood what’s going on out there and take the appropriate measures!
This story involving Airbnb and a phishing attempt is no joke. You might get carried away by all the enthusiasm related to planning your vacation and get caught up in a nasty scam. Please beware and even check out this guide we put together for you.
If you still believe that spam is just annoying, consider just how annoying (and dangerous) it really is: 59.2% of all email traffic this year, until now, was spam!
Phishing attempts also rose by 1 million and targeted users primarily from Brazil, India, China and many more countries.
Organizations were under attack as well, mainly from the financial sector (banks), e-commerce sector (online stores and e-payment systems), and global Internet portals, social networking sites and telephone and Internet service providers came in close after.
So I highly recommend keeping vigilant when going online and not only that, but also securing your data with various protection layers.
And if you’ve come across a story that should be on this list, I’d really love to hear about it!