Cyberattacks:
Cyber threats vary widely across the globe with some countries at very high risk for attacks. The US is at a low risk for cyber threats. Research released this week from cybersecurity firm SEON shows Denmark with the lowest risk and the U.S ranked No. 3 for the lowest threat of a cyber attack.
This infographic from Seon shows the most common types of cybercrime. (SEON)
The Top 3 countries at low risk of cyber attacks:
-Denmark – Cyber-Safety Score: 8.91
Denmark is the most digitally secure country, according to SEON. Denmark scored high in cybersecurity indices and did well on the Cybersecurity Exposure Index.
-Germany – Cyber-Safety Score: 8.76
“This tells us that Germany is generally a very safe place for people to use the internet. We can attribute this rank to a very good result in the Global Cybersecurity Index combined with comprehensive laws and regulations,” SEON said.
The following article, “‘Trojan Source’ Bug Threatens the Security of All Code”, was obtained from Krebson Security. Academics, namely, researchers from the University of Cambridge discovered that Unicode’s UTF-8 text encoding that handles different languages and allows computers to exchange information could be misused. More specifically, the weakness involves bidirectional (bidi) characters in Unicode that handles displaying text written in right-to-left languages such as Arabic and Hebrew that can switch the display ordering of groups of characters and disguise file extensions of malware or as mentioned previously, misrepresent source code that can lead to a supply-chain attack. The “logic” of the text can easily go undetected because it is challenging for a human code reviewer to detect an invalid source code, especially if it is subtle, and because there are no defenses for it. Furthermore, the bug has the potential to affect most computer code compilers and software development environments and be exploited to write malicious code that says one thing to humans and another to compilers. Considering people already know about the vulnerability, there is a possibility that they might start exploiting it, so the article and academics urge that organizations coordinate and act fast at least by releasing updates to address the security weakness or rewriting software build pipelines to halt if they encounter a bidi character.
Cyber attacks and security threats received by Maryland hospitals are on the rise. Ransomware attacks and cybersecurity threats have become a major concern for national public health organizations and healthcare institutions. The medical network system is being attacked in real-time, and important medical records of the hospital may be kept confidential. Patients may be misdiagnosed because they are unable to obtain files or cause doctors to be unable to obtain the correct information. According to a Sophos survey, one-third of medical institutions are threatened by data encryption extortion.
Hackers are stealing data today so quantum computers can crack it in a decade
Quantum computing promises unprecedented speed and power in computing, it also poses new risks. As this technology advances over the next decade, it is expected to break some encryption methods that are widely used to protect customer data, complete business transactions, and secure communications
The Department of Homeland Security (DHS) has teamed up with the Department of Commerce’s National Institute of Standards and Technology (NIST) to release a roadmap on the best way for organizations to navigate the transition to post-quantum cryptography.
DHS’s new guidance will help organizations prepare for the transition to post-quantum cryptography by identifying, prioritizing, and protecting potentially vulnerable data, algorithms, protocols, and systems
Cyberattacks:
Cyber threats vary widely across the globe with some countries at very high risk for attacks. The US is at a low risk for cyber threats. Research released this week from cybersecurity firm SEON shows Denmark with the lowest risk and the U.S ranked No. 3 for the lowest threat of a cyber attack.
This infographic from Seon shows the most common types of cybercrime. (SEON)
The Top 3 countries at low risk of cyber attacks:
-Denmark – Cyber-Safety Score: 8.91
Denmark is the most digitally secure country, according to SEON. Denmark scored high in cybersecurity indices and did well on the Cybersecurity Exposure Index.
-Germany – Cyber-Safety Score: 8.76
“This tells us that Germany is generally a very safe place for people to use the internet. We can attribute this rank to a very good result in the Global Cybersecurity Index combined with comprehensive laws and regulations,” SEON said.
https://www.foxbusiness.com/technology/countries-most-risk-cyberattacks
The following article, “‘Trojan Source’ Bug Threatens the Security of All Code”, was obtained from Krebson Security. Academics, namely, researchers from the University of Cambridge discovered that Unicode’s UTF-8 text encoding that handles different languages and allows computers to exchange information could be misused. More specifically, the weakness involves bidirectional (bidi) characters in Unicode that handles displaying text written in right-to-left languages such as Arabic and Hebrew that can switch the display ordering of groups of characters and disguise file extensions of malware or as mentioned previously, misrepresent source code that can lead to a supply-chain attack. The “logic” of the text can easily go undetected because it is challenging for a human code reviewer to detect an invalid source code, especially if it is subtle, and because there are no defenses for it. Furthermore, the bug has the potential to affect most computer code compilers and software development environments and be exploited to write malicious code that says one thing to humans and another to compilers. Considering people already know about the vulnerability, there is a possibility that they might start exploiting it, so the article and academics urge that organizations coordinate and act fast at least by releasing updates to address the security weakness or rewriting software build pipelines to halt if they encounter a bidi character.
Link to article: https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/
Cybersecurity concerns grow in Maryland hospitals
Cyber attacks and security threats received by Maryland hospitals are on the rise. Ransomware attacks and cybersecurity threats have become a major concern for national public health organizations and healthcare institutions. The medical network system is being attacked in real-time, and important medical records of the hospital may be kept confidential. Patients may be misdiagnosed because they are unable to obtain files or cause doctors to be unable to obtain the correct information. According to a Sophos survey, one-third of medical institutions are threatened by data encryption extortion.
https://www.times-news.com/news/local_news/cybersecurity-concerns-grow-in-maryland-hospitals/article_d222eea8-3a82-11ec-97bd-5b3efe47b9b0.html
Hackers are stealing data today so quantum computers can crack it in a decade
Quantum computing promises unprecedented speed and power in computing, it also poses new risks. As this technology advances over the next decade, it is expected to break some encryption methods that are widely used to protect customer data, complete business transactions, and secure communications
The Department of Homeland Security (DHS) has teamed up with the Department of Commerce’s National Institute of Standards and Technology (NIST) to release a roadmap on the best way for organizations to navigate the transition to post-quantum cryptography.
DHS’s new guidance will help organizations prepare for the transition to post-quantum cryptography by identifying, prioritizing, and protecting potentially vulnerable data, algorithms, protocols, and systems
Link: https://www.infosecurity-magazine.com/news/america-prepare-postquantum/