Category: Corporate Risk

AI in Security Carries as Many Questions as Answers

Nearly three-quarters of all organizations have implemented security projects that have some level of intelligence built in. And the more security alerts a company sees in a day, the more likely it is to look to machine intelligence in order to deal with the flood.

Those are just two of the conclusions reached in a new white paper, “The State of AI in Cybersecurity: The Benefits, Limitations and Evolving Questions,” published today by Osterman Research. The report, based on more than 400 surveys of organizations with more than 1,000 employees, asked questions about the use of AI and the results of that use.

Read more about the findings of the new report on Dark Reading.

The solution to dysfunctional cybersecurity and network teams

One might expect people on different teams of a company’s IT department to be on the same page and have a certain amount of work-related trust in each other. However, a BlueCat Networks-sponsored International Data Group (IDG) survey found that this isn’t always the case.

Over 65% of respondents indicated their company has experienced two or more cybersecurity events, while only 38% of the survey participants believe their organization is capable of defending against a cybersecurity event. The report does not mince words as to why: “Business investments in network operations and cybersecurity may be shortchanged if the teams responsible for those areas aren’t collaborating.”

Read more about the report’s findings and implications on TechRepublic.

6 Ways to Anger Attackers on Your Network

When you see an attacker on your network, it’s understandable to want to give them a taste of their own medicine. But how can you effectively anger intruders when “hacking back” is illegal?

“There are times when I have really wanted to strike back, but you can’t and you don’t,” says Gene Fredriksen, chief information security strategist for PCSU. However, there are several steps you can take to anger attackers without actively targeting them in response. The idea is to get the bad guy to think twice, he explains, and let them know you’re serious.

Read about some of the most effective ways to frustrate, deceive, and annoy attackers without risking legal consequences on Dark Reading.

Cyber security and small and medium-sized companies

The cybersecurity threat continues to worsen. In the first half of 2018, the number of cyber breaches soared over 140% from a year earlier, leading to 33 billion compromised data records worldwide, reports Gemalto, an international data security company.

Small and medium-sized businesses (SMBs) are increasingly targeted, and many are realising that they are viewed as just as attractive a target as the larger companies. Cisco’s 2018 SMB Cybersecurity Report found that 53% of mid-market companies in 26 countries experienced a breach.

Read more about the growing cyber threat for SMBs and learn how small companies can protect themselves in 2019, on Information Age.

Remote Firmware Attack Renders Servers Unbootable

Security researchers have found a way to corrupt the firmware of a critical component usually found in servers, turning the systems into an unbootable hardware assembly. Recovery requires physical intervention to replace the malicious firmware. The attack is carried out with the regular tools used to keep the baseboard management controller (BMC) up to date.

Although deploying the malicious BMC update is possible from a remote location, the destructive step represents the final stage of an attack, so initial access to the target is needed. Using the host-based interface known as the Keyboard Controller Style (KCS), researchers from Eclypsium were able to pass a malicious firmware image to the computer’s BMC.

Read more about the highly disturbing new attack on BleepingComputer.

Lax Controls Leave Fortune 500 Overexposed On the Net

Large companies are leaving easy-to-exploit systems exposed on the public Internet, raising the risk of a serious future compromise, according to data from two cybersecurity firms.

Rapid7 found that the average Fortune 500 firm had approximately 500 servers and devices connected to the Internet, with five to 10 systems exposing Windows file-sharing or Telnet services. Fifteen out of the 21 industry sectors on which Rapid7 collected data had at least one member allowing public access to a Windows file-sharing service. Both Rapid7’s report and an earlier report by security monitoring firm BitSight found that larger firms were likely to have self-inflicted holes in their defenses.

Read more about the findings of the two reports on Dark Reading.

Most organizations suffered a business-disrupting cyber event

A study conducted by Ponemon Institute found that 60 percent of organizations globally had suffered two or more business-disrupting cyber events — defined as cyber attacks causing data breaches or significant disruption and downtime to business operations, plant and operational equipment — in the last 24 months. Further, 91 percent of respondents had suffered at least one such cyber event in the same time period.

Despite this documented history of damaging attacks, the study found that 54 percent of organizations are not measuring, and therefore don’t understand, the business costs of cyber risk.

Read more about the findings of the new report on Help Net Security.

Cyberattacks Skyrocketed in 2018. Are You Ready for 2019?

Board directors continue to up their investment in cybersecurity. Seventy-three percent now say their organization requires that third-party vendors meet certain cyber risk requirements—up 30 percentage points from 2016, according to the 2018 BDO Cyber Governance Survey.

This increase in requirements and investment is warranted. During 2018, we have seen a 350% increase in ransomware attacks, a 250% increase in spoofing or business email compromise (BEC) attacks and a 70% increase in spear-phishing attacks in companies overall. Further, the average cost of a cyber-data breach has risen from $4.9 million in 2017 to $7.5 million in 2018, according to the U.S. Securities and Exchange Commission.

Read more about the increasing cyber risk requirements on IndustryWeek.

Save the Children Foundation duped by hackers into paying out $1 million

Save the Children Foundation has revealed that the charity was targeted by fraudsters last year, leading to the loss of $1 million. The US arm of the non-profit said that con artists managed to compromise an employee’s email account in order to masquerade as the staff member in question.

Once access was gained to the account, the hackers behind the scam created a number of false invoices and related documents which described a need to purchase solar panels for health centers located in Pakistan. The Connecticut-based charity organization fell for the ruse, conducted in May 2017, and approved the transfer of close to $1 million.

Read more about how Save the Children Foundation was scammed on ZDNet.

Half of management teams lack awareness about BPC despite increased attacks

Trend Micro revealed that 43 percent of surveyed organizations have been impacted by a Business Process Compromise (BPC). Despite a high incidence of these types of attacks, 50 percent of management teams still don’t know what these attacks are or how their business would be impacted if they were victimized.

In a BPC attack, criminals look for loopholes in business processes, vulnerable systems and susceptible practices. Once a weakness has been identified, a part of the process is altered to benefit the attacker, without the enterprise or its client detecting the change. If victimized by this type of attack, 85 percent of businesses would be limited from offering at least one of their business lines.

Read more about the findings of the Trend Micro survey on Help Net Security.