Weekly Security Roundup #47: (Over)Exposed
The issue of endless browsing and the cyber threats injected in between
When’s the last time you stopped from the never-ending online frenzy we’re all engaged in and really observed your online habits?
If you’ve never done it, it may be a challenging, but rewarding exercise. It’s not so much what social profile you can make out in the end, what economic category defines you or if it shows how good you are at crafts. What I’m trying to call attention to is how your habitual practices expose you to cyber threats.
Now, before you start assessing your online accounts, what you post and when, there’s a fun test we put together that may help you see things differently when it comes to your online protection. Give it a shot, who knows, you may actually enjoy it. 🙂
And then leave this tab open, because we have the 10 essential articles that make the Weekly Security Roundup which are just waiting to be read!
Security articles of the week
There’s so much data coming from cyber attacks carried out by hacktivits that we can actually paint a rather accurate picture of who their favorite targets are. In this article, Carl Herberger, VP Security Solutions at Radware, share the what attributes increase the chances that a company will be attacked by a hacktivist group.
2. UK’s worrying cyber security situation
UK companies and residents have been hit hard by cyber attacks in the past few years, and cyber criminals don’t seem to be taking their eyes off the prize. The news this week read:
The UK suffered the most data breaches in Europe during the first half of 2015, coming second globally only to the United States, according to new data from Gemalto.
The UK was the most attacked nation in the world in Q2 when it came to online fraud, with businesses there hit 50% more frequently than their US counterparts, according to the latest stats from ThreatMetrix.
Online crime worldwide is increasingly displacing conventional forms of property crime, such as burglary and robbery.
In London, for example, police report that organized crime syndicates have been increasingly embracing cybercrime – in particular, payment card fraud and identity scams – given the potential for a vastly greater return on their investment, as well as much lower risk, U.K. cybersecurity expert Alan Woodward says in an interview with Information Security Media Group.
Why is UK such an important target for cyber crime? Because the return on investment for attackers is big! This is also the reason why “UK startups and SMEs face up to threat from ‘DD4BC’ DDoS extortion group”, as John E. Dunn warned in a recent article on TechWorld.
The good part is that the UK government is taking action and working to ensure that companies and residents alike learn how to protect themselves, their data and their financial assets through an array of programs.
Bigger fines, the “right to be forgotten”, legal requirements for organizations to report data breaches, not being able to move data outside the EU – these are just some of the provisions that this law brings about. Although it’s aimed mainly at big businesses, the consequences could also cascade on SMBs as well at some point in the future.
Which is why you should be worries if you don’t have a multilayered protection system.
Read on about Rombertik, the malware that “goes on the offensive to cause harm” and avoid sandboxing, potentially inspiring other malware creators to follow suit. And it’s not the only tactic that second generation malware is using to avoid being picked up by traditional antivirus products. There are at least 9 more.
It seems that, as the years go by, cyber attacks get worse, more numerous and more devastating. So far, 2015 takes the crown for the most breaches and most harm caused to victims, both companies and users. Read on and do something for yourself: learn how to stay safe online.
At the same time, it’s worrisome that, on top of the disclosed and undisclosed security incidents all over the world, there’s an additional estimated 70% of cyber attacks that are never detected or picked up when they’ve already achieved their malicious purpose.
That’s why Americans, and other nations as well, are beginning to worry about this type of threats, and governments (such as the one in the US) are starting to ask for sanctions for those who get involved in planning and delivering cyber attacks.
Marco Dela Vega, Threats Researcher at TrendMicro, wrote an engrossing article about how cyber criminal-owned command and control servers remain resilient, which makes for a fascinating read. And, on the same subject, you can also learn a bit about how law enforcement tackles the issue of the Deep Web and the attackers that roam around it.
Even the FBI is calling upon every user to take cyber security in their own hands, since the IoT is already here and more insecure than you can imagine. There would still be time to change the havoc we’re bringing upon ourselves, by building an immune system to prevent and fight cyber attacks, but no progress is being made in this area yet.
All we can do is learn how to protect ourselves before we’re overwhelmed.
The numbers are in and they’re going to make you feel uneasy (to say the least:
80% increase of malware on Windows devices
230,000 new malware samples detected each day
Interpol estimates cybercriminal activity has cost €750 billion annually in Europe alone. What’s most frightening is that these losses correspond to a significant share of global GDP. The scenario is especially disconcerting when you consider that the World Economic Forum estimated losses up to $3,000 billion over the next six years, threatening businesses of any industry and size.
Learn what you can do about it before you become part of a statistic.
Let’s wrap things up with a long, important article about cyber warfare and its consequences for the cyber security industry that shows how attackers are changing their ways and how that is impacting everyone involved, you and me included. Definitely a must-read!
To use the old saying: cyber security is a marathon, not a sprint. We need become tech savvy, aware of the risks and constantly informed about risks and threats that target us. It won’t be easy, but as we learn more, we can request for better technology that protects us as well as servers our interests and purposes. But we have a long road ahead of us, so we’d better be prepared for a challenge.