“85% of UK’s Top Universities at Risk of Email Fraud”
Proofpoint, an enterprise security company based in California, did a study on universities in the UK and showed that out of the top 20 colleges, 85% were at risk of email fraud, and only a small percentage had applied Domain-based Message Authentication (DMARC), an email validator that confirms who the sender is. Schools and colleges have been a key target for cybercriminals to trick students through spear-phishing attacks ever since the pandemic. Within the last couple of years, the majority of those top colleges have identified the need to apply DMARC procedures for their institutions; however, only a few have yet to do so. The cybersecurity strategist at Proofpoint mentioned that UK universities are still not taking proper measures to prevent cybercriminals from getting access to their data, and that authentication procedures such as DMARC are a crucial instrument in email fraud defenses.
Great article. I’ve seen a similar trend in my work as well. It’s surprising how many companies forgo setting up DMARC. The return on investment is significant and DMARC helps reduce the burden on users to discern the validity of emails. Pairing this with effective security awareness training, similar to what Proofpoint offers, will improve the security posture of most organizations.
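The two posts above describe DMARC as a validator that confirms the sender. What a receiving mail server actually does with the record is below, as an added example that is not code from Proofpoint or the article: it parses the `_dmarc` TXT record, checks whether the SPF or DKIM domain is aligned with the visible From domain under the record's `aspf`/`adkim` modes, and turns the outcome into a disposition. Assumptions: the Public Suffix List is reduced to four UK suffixes, the SPF and DKIM verdicts are taken as already computed, and the record, domains and message are constructed sample data.

```javascript
// Added example, not code from Proofpoint or the article: what a receiving
// mail server does with a DMARC record. The records, domains and message
// below are constructed sample data.

// Stand-in for the Public Suffix List (assumption: only these multi-label
// suffixes are known). A real receiver loads the full list.
const MULTI_LABEL_SUFFIXES = new Set(['ac.uk', 'co.uk', 'gov.uk', 'org.uk']);

// Organizational domain: public suffix plus one label
// ("mail.example.ac.uk" -> "example.ac.uk").
function organizationalDomain(domain) {
  const labels = domain.toLowerCase().replace(/\.$/, '').split('.');
  const take = MULTI_LABEL_SUFFIXES.has(labels.slice(-2).join('.')) ? 3 : 2;
  return labels.slice(-take).join('.');
}

// Parse "v=DMARC1; p=reject; adkim=s; ..." from the _dmarc.<domain> TXT record.
// Returns null if it is not a usable DMARC record (no v=DMARC1 or no p=).
function parseDmarcRecord(txt) {
  const tags = {};
  for (const part of txt.split(';')) {
    const idx = part.indexOf('=');
    if (idx === -1) continue;
    tags[part.slice(0, idx).trim().toLowerCase()] = part.slice(idx + 1).trim();
  }
  if ((tags.v || '').toUpperCase() !== 'DMARC1' || !tags.p) return null;
  return {
    policy: tags.p.toLowerCase(),                        // none | quarantine | reject
    subdomainPolicy: (tags.sp || tags.p).toLowerCase(),
    dkimAlignment: (tags.adkim || 'r').toLowerCase(),    // r = relaxed, s = strict
    spfAlignment: (tags.aspf || 'r').toLowerCase(),
    pct: tags.pct === undefined ? 100 : Number(tags.pct), // sampling; not applied below
    rua: tags.rua ? tags.rua.split(',').map((s) => s.trim()) : [],
  };
}

// Strict alignment needs an exact match with the RFC5322.From domain;
// relaxed accepts any domain with the same organizational domain.
function aligned(fromDomain, authDomain, mode) {
  if (!authDomain) return false;
  const a = fromDomain.toLowerCase();
  const b = authDomain.toLowerCase();
  return mode === 's' ? a === b : organizationalDomain(a) === organizationalDomain(b);
}

// Evaluate one message. `auth` holds the verdicts SPF/DKIM verification
// already produced:  spf:  { result, domain: MAIL FROM domain }
//                    dkim: [{ result, domain: d= tag of the signature }, ...]
function evaluateDmarc(record, fromDomain, auth) {
  const spfAligned = Boolean(auth.spf) && auth.spf.result === 'pass' &&
    aligned(fromDomain, auth.spf.domain, record.spfAlignment);
  const dkimAligned = (auth.dkim || []).some((sig) =>
    sig.result === 'pass' && aligned(fromDomain, sig.domain, record.dkimAlignment));
  const pass = spfAligned || dkimAligned;
  return {
    result: pass ? 'pass' : 'fail',
    spfAligned,
    dkimAligned,
    // What the receiver should do with the message. With p=none a spoof is
    // still delivered; the domain owner only learns about it from aggregate
    // reports sent to the rua= addresses, which is where most rollouts start.
    disposition: pass ? 'none' : record.policy,
  };
}

// Constructed sample: a spoofed message whose SPF passes for the attacker's
// own bounce domain, which is exactly the case DMARC alignment catches.
const SAMPLE_RECORD = 'v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-reports@example.ac.uk';
const SAMPLE_SPOOF = { spf: { result: 'pass', domain: 'attacker.example' }, dkim: [] };
console.log(evaluateDmarc(parseDmarcRecord(SAMPLE_RECORD), 'example.ac.uk', SAMPLE_SPOOF));
```

The spoofed message passes SPF (the attacker controls `attacker.example`) yet fails DMARC, because neither authenticated domain aligns with `example.ac.uk`; with `p=reject` the receiver drops it. The same message against a `p=none` record is delivered, which is why a domain that has only published a monitoring record is still "at risk" in the article's sense.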
Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus?
Given the responsibility a CISO has in an organization, it is important that leadership is coordinated in acknowledging recent cybersecurity trends, performing sufficient risk assessments, and staying cognizant of new threats and threat actors. The Hacker News released a list of CISO ‘Cybersecurity Priorities for 2021’, which includes the following:
Strengthen Cybersecurity Fundamentals; focus on bettering target-hardening tactics such as asset management, threat detection/prevention, etc. Already-existing measures need to be multilayered and continuously patched in accordance with global threat patterns. This ties into the technical mitigating controls essential to preserving organizational security objectives.
Cybersecurity Must be a Boardroom Agenda; cybersecurity is still not treated as a business concern. CISOs and executives need to be aware of the organizational repercussions linked to information security. Enhanced executive cybersecurity awareness and best practices should also trickle down the corporate hierarchy.
Leverage Intelligent Automation and other Advanced Technology; threat actors are using tactics such as behavior analytics, deep learning, intelligent automation, etc. in hacks; it is important for leadership to gain insight into these tactics and implement security strategies incorporating this type of innovation to stay vigilant.
Shift to a Zero Trust Architecture; this type of architecture will mitigate the risks of remote working. By shifting organizational access management, CISOs need constant visibility/insights into network devices, such as what data is being produced by which devices, how authorizations were granted to users, etc.
Securing Cloud Architecture; the public cloud is constantly being used by businesses, therefore it is important that CISOs ensure the proper controls are being implemented to ensure completion of security objectives.
Develop Robust Continuity Plans; using the pandemic as a case study, CISOs need to ensure businesses have proper BCDR plans and procedures. https://thehackernews.com/2021/09/cybersecurity-priorities-in-2021-how.html
Obtaining support from the board/senior leaders is critical to the success of any cybersecurity program. It’s encouraging to see more companies take this seriously; however, we have a long way to go. It’s surprising that more boards don’t make this a top priority given the outcomes of the Target breach. I’d be curious to see how many CISOs serve on boards and whether the companies have a more robust cybersecurity culture.
This article highlights the vulnerabilities found in unregulated third party code that powers much of the web. The author notes that nearly 65% of websites contained some vulnerability related to such assets. These vulnerabilities are under-reported as the focus tends to be on malicious emails and similar attacks.
The focus on email security is important, but other vectors must be considered. Bad actors can use the same tools on the web that are commonly used with email. The web is arguably more dangerous than email because it is unfiltered. Most email services provide a base level of spam protection. This is not the case with the web. Consumers may not realize their risk exposure as it’s not clear how companies are using third party assets on their sites.
Ultimately it’s up to businesses to put their customers’ safety and privacy first. This will require them to complete their diligence on third-party applications and remove assets that cannot be patched. Companies must account for the entire supply chain, inclusive of the web, in their cybersecurity strategy.
I came across this article that states that Florida allocated approximately $30 million to fund the implementation of new cybersecurity measures, but has yet to spend a single cent.
When asked about it, Florida’s Chief Information Officer Jamie Grant gave the response that his office was too short-staffed to come up with a plan, and declined to answer when asked when a plan would be put in place.
I think this potentially highlights a few things when it comes to cybersecurity:
• Cybersecurity may not be considered important yet, hence the delay
• Difficult to find knowledgeable individuals
• Cybersecurity only seems important once something happens (like a breach)
Thanks for sharing the article. It sounds crazy that a state like Florida can’t find enough staff to implement its new cybersecurity system. A big thing to add to your highlights could be that state governments aren’t able to bring in quality employees because of the salaries they offer. States are offering low salaries to potential employees, when the private sector is paying much more. The cybersecurity market for professionals is hot right now; states like Florida need to change their ways.
This article from ZDNet highlights that many Americans are still unaware of the scale and frequency with which cyber attacks occur. Roughly 25% of a 2,000-person study had no knowledge of the Colonial Pipeline attack, and half believed their devices do not pose a cybersecurity risk. Unfortunately, these are the types of employees that can pose the greatest threat to an organization. Often incident response teams work closely with communication teams. Information regarding critical national security and prominent attacks should be disseminated to staff in cyber-bulletins or briefs via newsletters throughout the organization. By measuring the click-through rate we can monitor who in the organization takes cyber threats seriously and who may require additional training.
According to this article, the cargo community system suffered a data breach. In the cargo community, the number of cyberattacks increased between 2019 and 2020. There were 775 attacks on airlines last year across 150 airports. Such data breaches, which resulted in 35% of data leaking, caused them to bear a 55% financial loss.
Hackers are often inside systems for about eight to nine months before they strike, when organizations least expect it. When airlines are connected to a lot of smaller entities instead of one or two major organizations, the risk of data breaches increases due to a lack of strong cybersecurity and infrastructure, resulting in constant cyberattacks.
Hackers are targeting smart phones with malicious links promising information on covid-19. A new malware known as TangleBot sends push notifications for appointments, malicious links to news articles on updated regulations for your region, and other malicious links for covid news. Once the target clicks the link, they are taken to a web page that says “adobe flash out of date.” If they continue to click through dialog boxes, the TangleBot malware is installed.
The malware gains access to the internet, SMS texts, call log, contacts, camera, and microphone. Once it gains access to your contacts, it can send messages to other mobile devices, spreading the malware. It can also steal banking information from your banking apps.
I thought this was a good example of how malware is getting more sophisticated by targeting people using relevant news regarding covid.
This is very concerning as millions of people are always searching for new information about covid as it is constantly updating. I did an article review similar to this but it was through sms text messages that hackers were able to gain access to user credentials.
The article mentioned above reviews the massive data leak from TikTok, in which 238 million profiles were leaked onto the dark web. A company called Deep Social is said to be accountable for this; they were also banned from Facebook and Instagram in 2018 for scraping user profile information. A clear violation of user profile privacy policy is still occurring and the consequences remain low. The estimated damage for compensation is only 92 million, nowhere near what the platform generates, an estimated 34.3 billion. However, users still continue to use this platform today despite its history.
VMware’s vCenter Server is open to exploitation. The server contains a file upload vulnerability in the management utility and is at high risk of being compromised. CISA has said to expect widespread exploitation as the exploit code is publicly available. The good news is there is a patch available; however, this is the second time there has been an exposed vulnerability with vCenter Servers. I bring this up to say that the first time the vulnerability was brought up publicly and the patch was available, thousands of servers remained exposed as the end users did not apply it.
The spoofed email has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.
The attack is targeting a range of companies across sectors including state and local government, education, financial services, healthcare, and energy, selectively going after a mix of senior executives and cross-departmental employees.
My article this week highlights the disparity between the groups of people affected by cyber crime. A study from Malwarebytes, Digitunity and Cybercrime Support Network found that women and minorities are hacked more often than other groups. These groups unfortunately feel less safe online, are targeted more often, and they are hit the hardest financially when they are targeted. It also appears that socioeconomic class affects whether individuals feel safe online and if they suffer from higher levels of stress due to cyber attacks.
Wolfe Eye Clinic, a US healthcare provider, had a data breach recently. That data breach exposed about half a million patients’ information. In some cases, patients’ protected medical information was exposed. The incident occurred on February 8, 2021, but it wasn’t detected until May 28, 2021. Wolfe Eye Clinic is in the process of notifying the patients whose information was exposed due to this data breach. The information exposed to the attacker was name, mailing address, date of birth, and social security number, and for some of the patients their protected medical records were exposed. Wolfe Eye Clinic also stated they are in the process of implementing safeguards to mitigate similar incidents in the future. Wolfe Eye Clinic has also provided the affected users with 12 months of credit monitoring.
Thanks for sharing the article. I used to work in healthcare and it was always brought to my attention to keep records safe. It is important to protect patients and their confidential health records. Patients are the lifeline of these healthcare providers; there is too much at stake to not protect them accordingly.
This week’s article speaks on the disparity of salary and available jobs between state government, the federal government, and the private sector.
State governments are falling behind in obtaining and retaining cyber security professionals. States are offering unpaid internships to potential employees, and starting salaries are around 25K less than what the private sector is offering. Currently, states need to fill about 9K jobs, while the Department of Homeland Security has about 2K unfilled positions. IT security is a “hypercompetitive” field, and state and federal government are looking for ways to obtain cyber professionals, such as competitions and scholarships to produce more cyber professionals. Since the industry is in such demand for cyber security professionals, the opportunities seem endless for cyber professionals looking for a career. https://www.insurancejournal.com/news/national/2021/09/28/634060.htm
This article provides data behind the statement that income level, education, and being part of a disadvantaged population are all contributions towards cybercrime. One of the stats provided is that 79% of women receive text messages from unknown numbers with possible malicious links, compared to 73% for men. Also, 46% of women have had their social media accounts hacked, compared to 37% for men. As for minorities, 45% of minorities have had their social media accounts hacked compared to 40% for white people. A stat that I found to be very important is that 21-23% of women and minorities deal with substantial stress when dealing with suspicious online activity. The constant attempts of attack on their devices and accounts have led many to feel a loss of privacy and over 53% of women say that they feel unsafe when they’re online.
Income also plays a huge role in who hackers go after. The research shows that people with a low-level income are significantly more stressed than people with a high-level income, even though high-level income people actually lost more money due to these attacks. It goes to show the exhaustion low-level income have from constantly receiving suspicious messages and emails. The article goes on to acknowledge that money plays an important role in your feeling of safety online. They conclude that “The more money you make, the more comfortable you are online.”
The article I read this week was actually written today. It is titled “5 Personal Cyber Security Tips” and, as the name suggests, puts an emphasis on the need for increased cyber security due to ever-evolving cyber attacks. This is backed up with a statistic provided by Statista, noting that the number of cyber breaches in 2020 was almost double what we experienced a decade ago. Almost everything we use is online these days, whether it be personal or work related. With that, our reliance on the internet has increased as well. Because of this, we are constantly at risk. To make ourselves feel more secure, the article lists 5 tips we should always practice in regards to our internet safety. First, we should always avoid suspicious emails, URLs, and websites, as phishing attacks are one of the most common cyber threats. The tip here is to make sure you’re fully confident that what you’re clicking is not a phishing attempt. The second tip is to use a password manager. We live in an era where software is capable of breaking through unsophisticated passwords. To avoid that, password managers are able to create a very complex password and also keep the password secure. The third tip is to keep operating software updated. Because threats are constantly evolving, software providers are constantly upgrading security features, and we should make sure to always have the latest available. The fourth tip is to constantly change your password. By regularly changing your password to something new and complex, you greatly reduce the risk of experiencing a cyber attack. The final tip is to enable two-factor authentication on your devices. Even with a complex password, it does not hurt to add an additional layer of security to make sure you’re truly protected as much as you can be. Most security attacks are due to human error. By being more aware as cyber threats evolve, we can reduce the level of risk we face.
On September 23rd, members of the Senate Homeland Security Committee discussed two bills that they would like to be passed by Congress:
– A bill requiring companies in critical sectors to promptly alert the Cybersecurity and Infrastructure Security Agency (CISA) when they’re hacked — CISA would then share that information with other companies that might be in danger
– And a full rewrite of the major law governing federal information security requirements and procedures
According to this article, there haven’t been many laws passed recently in an effort to deter cybercrime. However, after several ransomware attacks that have been detrimental to US infrastructure and its economy, such as the gas pipeline hack, there seems to be a change in the making. I think this article was very intriguing and worth reading. It gives insight into how Congress is interested in getting more involved with the private sector in information security matters. In the past, a few bills regarding cybersecurity which were introduced to Congress were not successful in ultimately becoming law; nevertheless, these two bills have high hopes of becoming legislation due to recent IT security events that have had a high impact.
This blog from ISACA attempts to explore ways in which organizations should facilitate their security awareness and training programs. The article notes that many organizations tend to utilize and require their employees to partake in the same cybersecurity trainings year over year. Kris Martel, who wrote the blog, notes that these trainings are essentially ineffective as hackers are aware of the principles taught in the trainings, and he believes they do not prepare an organization’s employees to protect themselves. Furthermore, Martel notes that hackers are constantly evolving their skills to identify new attack vectors, which are not always included or updated within an organization’s cybersecurity awareness and training program. Martel writes, “Cybercriminals are always looking for new ways to infiltrate and attack organizations. So why not think like the enemy and create a cybersecurity awareness training program that resembles what the real cybercriminals will do?” Martel believes it’s essential for an organization to make the training feel personal and interactive so that employees can actually decipher how a security incident could affect them. Martel finishes the blog stating, “Branding your cyber awareness training as a monthly opportunity to hack your coworker and then showing them how the cyber criminals are “hacking” the user will increase awareness and strengthen cybersecurity practices”.
So I figured I would look into the Colonial Pipeline being shut down earlier this year since it caused mass chaos and panic. This topic always intrigues me since in earlier posts and discussions I see these types of threats being an inevitable danger to the modern world, and eventually we might see a catastrophic event on a scale that could affect entire subsections of a population.
Anyhow, what I found intriguing is that in each of these articles it’s usually something very simple where the exploit is found. The attackers got hold of a password and simply logged in through a VPN, which resulted in them breaching access to the system. I cannot find any recent articles that discuss how the hackers obtained the password, but the CEO claims that it was more than just a simple password. In these situations, especially with multi-million dollar business operations, it is striking how security hygiene is always overlooked. Something as simple as not having dual-factor authentication enabled led to one of the most painful-to-watch events of 2021, as gas shortages struck everywhere in southern states.
Ultimately this raises the question for me that as cybersecurity posture and technology advances – so does the capability to do massive damage as more tools are placed into the hands of cybercriminals.
“States at disadvantage in race to recruit cybersecurity pros”
Written by Kathleen Foody
Published by Associated Press (apnews.com)
The article I chose to summarize this week talks about how state governments are falling far behind in the race to hire cybersecurity employees compared to the federal government and private firms. The main reason for this is that state governments have less money to give: the average salary for a state government cybersecurity employee is around $90,000, whereas the federal government and private firms’ average salary is around $110,000. Other reasons that state governments are unable to keep up with their competition are that they are less commonly at college career fairs and their internship and training programs are less developed.
A main perk to working for a state government is that, supposedly, there is better work/life balance. The article mentioned how cybersecurity employees for Microsoft, Amazon, and other large firms frequently have to bring their work home with them and respond to cyber threats on-call.
Personally, I think that if a state’s computer systems were made unavailable and held for ransom, the cybersecurity professionals working for that state would be forced to start working immediately, but I could be wrong.
In brief summary, state governments are having a harder time hiring cybersecurity employees than the federal government and private firms because they can’t offer as much money, their training programs are less developed, and they don’t market themselves as well as their competition. Unfortunately for them, cybersecurity is just as (if not more) necessary than for many of their competitors, so hopefully state governments across the country figure out ways they can be more competitive in the hiring process in the near future.
That’s Not the U.S. Department of Transportation; It’s A Phishing Attack
A phishing campaign is impersonating the U.S. Department of Transportation (USDOT), according to INKY (creators of the INKY phish fence and solution providers to zero-day phishing attacks). The campaign targets infrastructure contractors who are eager to bid for a contract because of the U.S. Senate’s recent signing of the $1 trillion infrastructure bill on Tuesday, August 10, 2021.
The phishing emails contain links that lead to a phishing site informing users that the U.S. Department of Transportation “is seeking quotations from businesses (RFQ) for ongoing government infrastructure projects that may kick off soon.”
The site then asks interested users to proceed to bid by clicking on the BID button and signing in with their email accounts to connect to the USDOT network. The phishing site is an exact clone of the USDOT’s website, and the instructions are obvious and convincing. The instructions also tell the victim to contact a USDOT email address that the attackers created and control. This is now very common in the phishing universe, wherein a service is used as an attack. I believe the terminology is “Phishing-as-a-Service.”
Since our lecture topic will be security awareness and training this week, I picked a relevant article that addresses some of the real-life issues from a lack of SETA. The article simply talks about the increase in cyberattacks since organizations in the UK moved their business operations online during the covid-19 outbreak. The president of the EU commission warns employers about attackers that are attracted by remotely working employees.
Recent research by Promon explains that two-thirds of remote employees have not been given security awareness training in the past 12 months, and 77% of them do not feel worried about cyberattacks that can happen due to the new working conditions. Another interesting statistic, personal mobile usage by 61% while working on company data, also points to the lack of training and education towards security awareness. The decreased level of security on personal mobile devices increases the vulnerability of sensitive data.
Phishing examples performed by attackers include attachments that are actually ransomware, which employees easily click and download to their devices, or fake links to web pages that can steal sensitive information. These simple but dangerous attacks easily access information that should have been protected. Therefore, the article highlights the need for training to ensure security awareness throughout the organization: “Security awareness is not a once a year activity, it needs to be an ongoing activity where employees are continually reminded of these threats that are present to identify and report”.
First, the article briefly reviews the advancing technology across the corporate landscape, specifically talking about network infrastructure and how it needs to be constantly improved to compete in the modern business environment as data gets stored in more diverse and complex forms. It proceeds to discuss the increasingly difficult problem that IT teams are faced with: balancing desired performance with security that actually abides by policies in practice to safeguard the applications, networks, and user information in a “distributed infrastructure.” The distributed infrastructure in place needs security, which is often fragmented around individual elements that cannot effectively, if at all, interoperate. This issue provides attackers with larger attack surfaces via security gaps and inconsistencies. The author argues that the solution is ZTA, or zero trust architecture, which would fill in these security gaps and unify the dynamic and divided environment under one consistent security solution by “securing access to everything, whether inside or outside the core network.” It also monitors any device requesting resource access. With many observing the large number of remote workers and a possible increase in it, Zero Trust Network Access (ZTNA) is a network application of ZTA that “extend[s] secure access controls to critical applications for any user or device, per use, whether they are on or off the network.” Furthermore, it also validates credentials by checking whether the device has permission to access the network. If it is decided that it does, an encrypted tunnel connection is then created along with logs, and the connection is monitored. It would be interesting to see this become a widespread solution, as the author argues it will, since it addresses many common concerns that are relevant right now considering the many workers with remote network access, as well as cloud security.
“To avoid cyberattacks, companies need to think like hackers.”
1. Analyze and prioritize digital assets
The best defense starts with analyzing an organization’s assets and the potential cost of an attack from a business perspective. For example, when a website is restored from a backup (when customers complain about inaccessibility on social media), an attack that takes an organization offline for hours is an attack that an organization needs to invest a lot of effort to prevent. At the same time, attacks that destroy servers containing unused or old applications are less worrying.
2. Think like hackers
Understanding the psychology of hackers is crucial. Hackers will look for the highest quality assets that provide the lowest resistance. To prevent attacks, companies need to devote most of their security efforts, resources, and budgets to protecting the server and setting up more barriers to access the server. Attacking a server with multiple layers of defense is more work, so hackers are more likely to focus on an easier target. The organization’s first task must be to establish defensive measures for critical assets so that hackers will divert their attention elsewhere.
3. Constant review and adjustment
Many cyber security plans do not consider the fact that modifications should be made and changes implemented often. A good security plan needs to be constantly reviewed and updated. Most organizations plan and execute a long-term project and do not build in the agility and flexibility required for the updates that should be made continuously.
The article I chose this week is about the ongoing importance of measuring and showing the value of security awareness training. As practitioners we can be blind to the fact that other people might not be aware of the importance of security awareness. It is second nature to us and therefore sometimes surprising that people don’t immediately see the importance of this kind of training. This article talks about a 3-step approach to defining measures inside an organization: 1) Establish a Vision 2) Develop Outcome Driven Measures 3) Link the Operational Outcomes to Business Benefits. I liked the fact that #3 was called out explicitly. If this is not done, then security can be relegated to the level of ‘overhead’, which most organizations aggressively seek to minimize. However, shifting the value of security awareness training by showing business benefits changes the conversation!
I agree with your points. I learned the importance of the value of security awareness training through this week’s assignment. People tend to overlook common security prevalence issues. If security is improved by prevention before all problems begin, then the cost required to patch vulnerabilities later is reduced.
“This Android Trojan Stole Millions of Dollars from Over 10 Million Users”
Android’s seemingly harmless Trojan has stolen millions of dollars from more than 10 million users. Zimperium zLabs refers to the malicious Trojan as “GriftHorse”. The money-making scheme has been actively growing since November 2020, with victims in various countries, such as Australia, Canada, China and others. The malicious application caters to a variety of categories, which is why it scales up its attacks. When looking at store descriptions and requested permissions, these malicious Android apps charge users monthly for premium services they subscribe to without their knowledge and consent. The programs were removed after disclosure to Google. But they continue to be available in untrusted third-party app repositories, again highlighting the risks associated with side-loading arbitrary apps and how they can be a pathway for malware intrusion.
The article basically talks about cybersecurity as a global phenomenon representing a complex socio-technical challenge for governments, but demanding the involvement of all manner of individuals to participate in its eradication process. Though cybersecurity is primarily thought to be one of the most important challenges faced by governments today, visibility and public awareness increasingly remain limited in their determinations. Almost everybody has heard of or talked about cybersecurity every day, yet the sense of urgency and the behavior of persons do not reflect the high level of awareness being bandied about, and that is why it is becoming absolutely necessary that everyone must own the responsibility to do his or her part. The Internet is all too often considered a safe environment for sharing information, transactions and controlling the physical world. Yet cyberwars are already ongoing, and there is an urgent need to be better prepared for eventualities. The inability to frame cybersecurity has resulted in a failure to develop suitable policies. This article discusses the challenges in framing policy on cybersecurity and offers strategies for better communicating cybersecurity. Communicating cybersecurity is beset with paradoxes, which has resulted in society not taking appropriate measures to deal with the threats. The limited visibility and awareness of the threat, socio-technological complexity, ambiguous impact and the contested nature of fighting cybersecurity complicate policy-making to avert its resultant repercussions.
The article could be accessed on https://www.sciencedirect.com/science/article/pii/S0740624x17300540.
This article is about a data breach that was investigated at US truck maker called Navistar exposing employee healthcare information. Basically they learned of a security incident and decided to hire expert to investigate. This incident happened in May and by the end of May, the experts found out that an unauthorized third party had accessed and taken certain data from Navistar’s IT systems.
As of September 24, 2021, Apple’s iCloud Private Relay feature could leak a user’s IP address. This can happen when a user does not have the most up-to-date operating system version. The article states, “if you read the IP address from an HTTP request received by your server, you will get the IP address of the egress proxy. Nevertheless, you can get the real client’s IP through WebRTC.” WebRTC is Web Real-Time Communication.
The new update, iOS 15, can protect Apple users’ IP address, location, and DNS requests from websites and network service providers. Unfortunately, the article mentions that “the leak has remained unpatched when using iCloud Private Relay on iOS15.”
It is recommended that Apple users turn off JavaScript in their web browser.
Security Awareness Training – Keys to Delivering a Successful Program
Security awareness training is no longer a “nice-to-have” for organizations. End users have become a critical component of effective security postures. Employees must have a strong understanding of cybersecurity best practices and learn how to detect and defend against targeted attacks. This shift in priority is needed to address an ongoing trend in the larger threat landscape.
Cybercriminals have moved away from complicated, time-consuming technical exploits to concentrate on end users, a large and frequently vulnerable attack surface. Small or large, nearly every attack now begins in the same way: by relentlessly targeting people through email, social networks, and/or cloud and mobile applications.
Christopher Clayton says
“85% of UK’s Top Universities at Risk of Email Fraud”
Proofpoint, an enterprise security company based in California, did a study on universities in the UK and showed that out of the top 20 colleges, 85% were at risk of email fraud, and only a small percentage have applied domain-based message authentication (DMARC), an email validator that confirms who the sender is. Schools and colleges have been a key target for cybercriminals to trick students through spear-phishing attacks ever since the pandemic. Within the last couple of years, the majority of those top colleges have identified the need to apply DMARC procedures for their institutions; however, only a few have yet to do so. The cybersecurity strategist at Proofpoint mentioned that UK universities are still not taking proper measures to prevent cybercriminals from getting access to their data, and that authentication procedures such as DMARC are a crucial instrument in email fraud defenses.
https://www.infosecurity-magazine.com/news/uk-universities-risk-email-fraud/
Matthew Bryan says
Great article. I’ve seen a similar trend in my work as well. It’s surprising how many companies forgo setting up DMARC. The return on investment is significant and DMARC helps reduce the burden on users to discern the validity of emails. Pairing this with effective security awareness training, similar to what Proofpoint offers, will improve the security posture of most organizations.
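For anyone checking their own domain after reading the two comments above, here is an added example (not code from the article, Proofpoint, or either commenter) in Python: it parses a DMARC TXT record and reports whether the published policy actually enforces anything, since a record with p=none only monitors. The records are constructed samples with example.edu as a placeholder, and no DNS lookup is performed.

```python
"""Assess a DMARC TXT record for enforcement strength.

Added illustration, not code from the article or the commenters. The records
below are constructed samples (example.edu is a placeholder); no DNS lookup is
performed, so the script runs offline. In practice the record is the TXT
record published at _dmarc.<domain>.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

VALID_POLICIES = ("none", "quarantine", "reject")


@dataclass
class DmarcAssessment:
    valid: bool
    policy: Optional[str]
    subdomain_policy: Optional[str]
    pct: int
    enforcing: bool
    findings: List[str] = field(default_factory=list)


def parse_dmarc(record: str) -> Dict[str, str]:
    """Split 'tag=value; tag=value' into a dict; tag names are case-insensitive."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if not part or "=" not in part:
            continue
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record: str) -> DmarcAssessment:
    """Return what the record does to mail that fails DMARC alignment."""
    tags = parse_dmarc(record)
    findings: List[str] = []

    # RFC 7489 requires v=DMARC1 as the first tag; anything else is not DMARC.
    if not record.strip().lower().startswith("v=dmarc1"):
        return DmarcAssessment(False, None, None, 0, False,
                               ["not a DMARC record (missing v=DMARC1)"])

    policy = tags.get("p")
    policy = policy.lower() if policy else None
    if policy not in VALID_POLICIES:
        return DmarcAssessment(False, policy, None, 0, False,
                               ["p tag missing or invalid"])

    # sp (subdomain policy) defaults to the organizational policy when absent.
    sp = tags.get("sp", policy).lower()
    try:
        pct = int(tags.get("pct", "100"))  # pct defaults to 100
    except ValueError:
        pct = 0
        findings.append("pct is not an integer; treating as 0")

    if policy == "none":
        findings.append("p=none only monitors: spoofed mail is still delivered")
    if sp == "none" and policy != "none":
        findings.append("subdomains are unprotected (sp=none)")
    if pct < 100:
        findings.append(f"only {pct}% of failing mail is subject to the policy")
    if "rua" not in tags:
        findings.append("no rua address: no aggregate reports, so failures go unseen")

    enforcing = policy in ("quarantine", "reject") and pct == 100 and sp != "none"
    return DmarcAssessment(True, policy, sp, pct, enforcing, findings)


# Constructed sample records, from weakest to strongest.
SAMPLE_RECORDS = {
    "monitor-only": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.edu",
    "partial": "v=DMARC1; p=quarantine; pct=25; sp=none",
    "enforcing": "v=DMARC1; p=reject; sp=reject; pct=100; adkim=s; aspf=s; "
                 "rua=mailto:dmarc-reports@example.edu",
    "not-dmarc": "v=spf1 include:_spf.example.edu -all",
}


if __name__ == "__main__":
    for name, record in SAMPLE_RECORDS.items():
        result = assess_dmarc(record)
        status = "ENFORCING" if result.enforcing else "NOT ENFORCING"
        print(f"{name:13} p={result.policy} sp={result.subdomain_policy} "
              f"pct={result.pct} -> {status}")
        for finding in result.findings:
            print(f"{'':13} - {finding}")
```

A domain whose record reports NOT ENFORCING is still exposed to spoofing even though it "has DMARC", which is the gap between the adoption figures in the article and actual protection.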
Lauren Deinhardt says
Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus?
Given the responsibility a CISO has in an organization, it is important that leadership is coordinated in acknowledgment of recent cybersecurity trends, sufficient risk assessments, and cognizance of new threats/threat actors. The Hacker News released a list of CISO ‘Cybersecurity Priorities for 2021’, which include the following:
Strengthen Cybersecurity Fundamentals; focus on bettering target hardening tactics such as asset management, threat detection/prevention, etc. Already-existing measures need to be multilayered and continuously patched in accordance to global threat patterns. This ties into technical mitigating controls essential to preserving organizational security objectives.
Cybersecurity Must be a Boardroom Agenda; cybersecurity is still not treated as a business concern. CISOs and executives need to be aware of the organizational repercussions linked to information security. Enhanced executive cybersecurity awareness and best practices should also trickle down the corporate hierarchy.
Leverage Intelligent Automation and other Advanced Technology; threat actors are using tactics such as behavior analytics, deep learning, intelligent automation, etc. in hacks; it is important for leadership to gain insight on these tactics and implement security strategies incorporating this type of innovation to stay vigilant.
Shift to a Zero Trust Architecture; this type of architecture will mitigate risks with remote working. By shifting organizational access management, CISOs need constant visibility/insights on network devices, such as what data is being produced by which devices, how authorizations were granted to users, etc.
Securing Cloud Architecture; the public cloud is constantly being used by businesses, therefore it is important that CISOs ensure the proper controls are being implemented to ensure completion of security objectives.
Develop Robust Continuity Plans; using the pandemic as a case study, CISOs need to ensure businesses have proper BCDR plans and procedures.
https://thehackernews.com/2021/09/cybersecurity-priorities-in-2021-how.html
Matthew Bryan says
Obtaining support from the board/senior leaders is critical to the success of any cybersecurity program. It’s encouraging to see more companies take this seriously; however, we have a long way to go. It’s surprising that more boards don’t make this a top priority given the outcomes of the Target breach. I’d be curious to see how many CISOs serve on boards and whether the companies have a more robust cybersecurity culture.
Matthew Bryan says
This article highlights the vulnerabilities found in unregulated third party code that powers much of the web. The author notes that nearly 65% of websites contained some vulnerability related to such assets. These vulnerabilities are under-reported as the focus tends to be on malicious emails and similar attacks.
The focus on email security is important, but other vectors must be considered. Bad actors can use the same tools on the web that are commonly used with email. The web is arguably more dangerous than email because it is unfiltered. Most email services provide a base level of spam protection. This is not the case with the web. Consumers may not realize their risk exposure as it’s not clear how companies are using third party assets on their sites.
Ultimately it’s up to businesses to put their customers’ safety and privacy first. This will require them to complete their diligence on third-party applications and remove assets that cannot be patched. Companies must account for the entire supply chain, inclusive of the web, in their cybersecurity strategy.
Article: Why Cybersecurity Awareness Must Include The Entire Web Supply Chain
Author: Chris Olson
Published: Sep 21, 2021
Link: https://www.forbes.com/sites/forbestechcouncil/2021/09/21/why-cybersecurity-awareness-must-include-the-entire-web-supply-chain/?sh=60f39753fa97
Andrew Nguyen says
I came across this article that states that Florida allocated approximately $30 million to fund the implementation of new cybersecurity measures, but has yet to spend a single cent.
When asked about it, Florida’s Chief Information Officer Jamie Grant gave the response that his office was too short-staffed to come up with a plan, and declined to answer when asked when a plan would be put in place.
I think this potentially highlights a few things when it comes to cybersecurity:
• Cybersecurity may not be considered important yet, hence the delay
• Difficult to find knowledgeable individuals
• Cybersecurity only seems important once something happens (like a breach)
https://www.infosecurity-magazine.com/news/florida-yet-to-spend-30m-for/
Corey Arana says
Hi Andrew,
Thanks for sharing the article. It sounds crazy that a state like Florida can’t find enough staff to implement their new cybersecurity system. A big thing to add to your highlights could be that state governments aren’t able to bring in quality employees because of the salaries they offer. States are offering low salaries to potential employees, when the private sector is paying much more. The cybersecurity market for professionals is hot right now; states like Florida need to change their ways.
Kelly Sharadin says
This article from ZDNet highlights that many Americans are still unaware of the scale and frequency with which cyber attacks occur. Roughly 25% of a 2,000-person study had no knowledge of the Colonial Pipeline attack, and half believed their devices do not pose a cybersecurity risk. Unfortunately, these are the types of employees that can pose the greatest threat to an organization. Often incident response teams work closely with communication teams. Information regarding critical national security and prominent attacks should be disseminated to staff in cyber-bulletins or briefs via newsletters throughout the organization. By measuring the click-through rate, we can monitor who in the organization takes cyber threats seriously and who may require additional training.
https://www.zdnet.com/article/survey-finds-massive-gap-in-awareness-of-cyberattacks/
Mohammed Syed says
https://theloadstar.com/sharp-increase-in-aviation-cyber-attacks-leaves-air-cargo-vulnerable/
According to this article, the cargo community system suffered a data breach. In the cargo community, the number of cyberattacks increased between 2019 and 2020. There were 775 attacks on the airline last year and at 150 airports. Due to such data breaches, which resulted in 35% of data leaking, they had to bear a 55% financial loss.
Hackers are often in the systems for about eight to nine months before they strike, when organizations least expect it. When airlines are connected to a lot of smaller entities instead of one or two major organizations, the risk of data breaches increases due to a lack of strong cybersecurity and infrastructure, resulting in constant cyberattacks.
Madalyn Stiverson says
Hackers are targeting smartphones with malicious links promising information on COVID-19. A new malware known as TangleBot sends push notifications for appointments, malicious links to news articles on updated regulation for your region, and other malicious links for COVID news. Once the target clicks the link, they are taken to a web page that says “Adobe Flash out of date.” If they continue to click through dialog boxes, the TangleBot malware is installed.
The malware gains access to the internet, SMS texts, call log, contacts, camera, and microphone. Once it gains access to your contacts, it can send messages to other mobile devices, spreading the malware. It can also steal banking information from your banking apps.
I thought this was a good example of how malware is getting more sophisticated by targeting people using relevant news regarding COVID.
https://www.infosecurity-magazine.com/news/complex-new-sms-malware-discovered/
Wilmer Monsalve says
This is very concerning, as millions of people are always searching for new information about COVID as it is constantly updating. I did an article review similar to this, but it was through SMS text messages that hackers were able to gain access to user credentials.
Wilmer Monsalve says
https://www.businessinsider.in/tech/apps/news/tiktok-instagram-and-youtube-data-leak-exposes-data-of-235-million-users/articleshow/77668688.cms
The article mentioned above reviews the massive data leak from TikTok, as 238 million profiles were leaked onto the dark web. A company called Deep Social is said to be accountable for this, as they were also banned from Facebook and Instagram in 2018 for scraping user profile information. A clear violation of user profile privacy policy is still occurring, and the consequences remain low. The estimated damage for compensation is only 92 million, not near the estimated 34.3 billion it generates. However, users still continue to use this platform today despite its history.
Dhaval Patel says
VMware’s vCenter Server is open to exploitation. The server contains a file upload vulnerability in the management utility and is at high risk of being compromised. CISA has said to expect widespread exploitation as the exploit code is publicly available. The good news is there is a patch available; however, this is the second time there has been an exposed vulnerability with vCenter Servers. I bring this up to say that the first time the vulnerability was brought up publicly and the patch was available, thousands of servers remained exposed as the end users did not apply it.
https://www.darkreading.com/vulnerabilities-threats/cisa-says-wide-exploitation-likely-of-new-vmware-center-server-flaw
Jason Burwell says
Credential Spear-Phishing Uses Spoofed Zix Encrypted Email
The spoofed email has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.
The attack is targeting a range of companies across sectors including state and local government, education, financial services, healthcare, and energy, selectively going after a mix of senior executives and cross-departmental employees.
https://threatpost.com/credential-spear-phishing-uses-spoofed-zix-encrypted-email/175044/?web_view=true
Ryan Trapp says
My article this week highlights the disparity between the groups of people affected by cybercrime. A study from Malwarebytes, Digitunity and Cybercrime Support Network found that women and minorities are hacked more often than other groups. These groups unfortunately feel less safe online, are targeted more often, and are hit the hardest financially when they are targeted. It also appears that socioeconomic class affects whether individuals feel safe online and whether they suffer from higher levels of stress due to cyber attacks.
https://threatpost.com/women-minorities-hacked/175038/
Vraj Patel says
US healthcare provider Wolfe Eye Clinic had a data breach recently. That data breach exposed about half a million patients’ information. In some cases, patients’ protected medical information was exposed. The incident occurred on February 8, 2021, but it wasn’t detected until May 28, 2021. Wolfe Eye Clinic is in the process of notifying the patients whose information was exposed due to this data breach. The information that was exposed to the attacker was the name, mailing address, date of birth, and social security number, and for some of the patients their protected medical records were exposed. Wolfe Eye Clinic also stated they are in the process of implementing safeguards to mitigate similar incidents in the future. Wolfe Eye Clinic has also provided the affected users with 12 months of credit monitoring.
References:
https://portswigger.net/daily-swig/data-breach-at-us-eye-clinic-impacting-500-000-patients-potentially-exposed-private-medical-information
Corey Arana says
Hi Vraj,
Thanks for sharing the article. I used to work in healthcare, and it was always brought to my attention to keep records safe. It is important to protect patients and their confidential health records. Patients are the lifeline of these healthcare providers; there is too much at stake not to protect them accordingly.
Corey Arana says
This week’s article speaks on the disparity of salary and available jobs between state government versus the federal government and the private sector.
State governments are falling behind in obtaining and retaining cybersecurity professionals. States are offering unpaid internships to potential employees, and starting salaries are around 25K less than what the private sector is offering. Currently, states need to fill about 9K jobs, while the Department of Homeland Security has about 2K unfilled positions. IT security is a “hypercompetitive” field, and state and federal government are looking for ways to obtain cyber professionals, such as competitions and scholarships to produce more cyber professionals. Since the industry is in such demand for cybersecurity professionals, the opportunities seem endless for cyber professionals looking for a career.
https://www.insurancejournal.com/news/national/2021/09/28/634060.htm
Michael Galdo says
Women, Minorities Are Hacked More Than Others
This article provides data behind the statement that income level, education, and being part of a disadvantaged population are all contributing factors in cybercrime. One of the stats provided is that 79% of women receive text messages from unknown numbers with possible malicious links, compared to 73% for men. Also, 46% of women have had their social media accounts hacked, compared to 37% for men. As for minorities, 45% of minorities have had their social media accounts hacked, compared to 40% for white people. A stat that I found to be very important is that 21-23% of women and minorities deal with substantial stress when dealing with suspicious online activity. The constant attack attempts on their devices and accounts have led many to feel a loss of privacy, and over 53% of women say that they feel unsafe when they’re online.
Income also plays a huge role in who hackers go after. The research shows that people with a low income are significantly more stressed than people with a high income, even though high-income people actually lost more money due to these attacks. It goes to show the exhaustion low-income people have from constantly receiving suspicious messages and emails. The article goes on to acknowledge that money plays an important role in your feeling of safety online. They conclude that “The more money you make, the more comfortable you are online.”
https://threatpost.com/women-minorities-hacked/175038/
Alexander William Knoll says
The article I read this week was actually written today. It is titled “5 Personal Cyber Security Tips”, and, as the name suggests, puts an emphasis on the need for increased cyber security due to ever-evolving cyber attacks. This is backed up with a statistic provided by Statista, noting that the number of cyber breaches in 2020 was almost double the amount of what we experienced a decade ago. Almost everything we use is online these days, whether it be personal or work related. With that, our reliance on the internet has increased as well. Because of this, we are constantly at risk. To make ourselves feel more secure, the article lists 5 tips we should always practice in regards to our internet safety. First, we should always avoid suspicious emails, URLs, and websites, as phishing attacks are one of the most common cyber threats. The tip here is to make sure you’re fully confident that what you’re clicking is not a phishing attempt. The second tip is to use a password manager. We live in an era where software is capable of breaking through unsophisticated passwords. To avoid that, password managers are able to create a very complex password and also keep the password secure. The third tip is to keep operating software updated. Because threats are constantly evolving, software providers are constantly upgrading security features, and we should make sure to always have the latest available. The fourth tip is to constantly change your password. By regularly changing your password into something new and complex, you greatly reduce the risk of experiencing a cyber attack. The final tip is to enable two-factor authentication on your devices. Even with a complex password, it does not hurt to add an additional layer of security to make sure you’re truly protected as much as you can be. Most security attacks are due to human error. By being more aware as cyber threats evolve, we can reduce the level of risk we face.
https://www.hackread.com/5-personal-cyber-security-tips/
Joshua Moses says
On September 23rd, members of the Senate Homeland Security Committee discussed two bills that they would like to be passed by Congress:
– A bill requiring companies in critical sectors to promptly alert the Cybersecurity and Infrastructure Security Agency (CISA) when they’re hacked — CISA would then share that information with other companies that might be in danger
– And a full rewrite of the major law governing federal information security requirements and procedures
According to this article, there haven’t been many laws passed recently in an effort to deter cybercrime. However, after several ransomware attacks that have been detrimental to US infrastructure and its economy, such as the gas pipeline hack, there seems to be a change in the making. I think this article was very intriguing and worth reading. It gives insight on how Congress is interested in getting more involved with the private sector in information security matters. In the past, a few bills regarding cybersecurity which were introduced to Congress were not successful in ultimately becoming law; nevertheless, these two bills have high hopes of becoming legislation due to recent IT security events that have had a high impact.
https://www.washingtonpost.com/politics/2021/09/24/congress-is-finally-going-big-cyber/
Bryan Garrahan says
https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2019/improving-cybersecurity-awareness-through-hacking
This blog from ISACA attempts to explore ways in which organizations should facilitate their security awareness and training programs. The article notes that many organizations tend to utilize and require their employees to partake in the same cybersecurity trainings year over year. Kris Martel, who wrote the blog, notes that these trainings are essentially ineffective, as hackers are aware of the principles taught in the trainings, and he believes they do not prepare an organization’s employees to protect themselves. Furthermore, Martel notes that hackers are constantly evolving their skills to identify new attack vectors, which are not always included or updated within an organization’s cybersecurity awareness and training program. Martel writes, “Cybercriminals are always looking for new ways to infiltrate and attack organizations. So why not think like the enemy and create a cybersecurity awareness training program that resembles what the real cybercriminals will do?” Martel believes it’s essential for an organization to make the training feel personal and interactive so that employees can actually decipher how a security incident could affect them. Martel finishes the blog stating, “Branding your cyber awareness training as a monthly opportunity to hack your coworker and then showing them how the cyber criminals are “hacking” the user will increase awareness and strengthen cybersecurity practices”.
Michael Duffy says
So I figured I would look into the Colonial Pipeline being shut down earlier this year, since it caused mass chaos and panic. This topic always intrigues me, since in earlier posts and discussions I see these types of threats being an inevitable danger to the modern world, and that eventually we might see a catastrophic event on a scale that could affect entire subsections of a population.
Anyhow, what I found intriguing is that in each of these articles it’s usually something very simple where the exploit is found. The attackers got hold of a password and simply logged in through a VPN, which resulted in them breaching access to the system. I cannot find any recent articles that discuss how the hackers obtained the password, but the CEO claims that it was more than just a simple password. In these situations, especially with multi-million dollar business operations, security hygiene is always overlooked. Something as simple as not having dual-factor authentication enabled led to one of the most painful to watch events of 2021, as gas shortages struck everywhere in southern states.
Ultimately this raises the question for me that as cybersecurity posture and technology advance, so does the capability to do massive damage as more tools are placed into the hands of cybercriminals.
https://www.reuters.com/business/colonial-pipeline-ceo-tells-senate-cyber-defenses-were-compromised-ahead-hack-2021-06-08/
Richard Hertz says
Good guys need to get it right 100% of the time; bad guys just need to get lucky once...
Michael Jordan says
“States at disadvantage in race to recruit cybersecurity pros”
Written by Kathleen Foody
Published by Associated Press (apnews.com)
The article I chose to summarize this week talks about how state governments are falling far behind in the race to hire cybersecurity employees compared to the federal government and private firms. The main reason for this is because state governments have less money to give – the average salary for a state government cybersecurity employee is around $90,000, whereas the federal government and private firms average salary is around $110,00. Other reasons that state governments are unable to keep up with their competition is because they are less commonly at college career fairs and because their internship and training programs are less developed.
A main perk to working for a state government is that, supposedly, there is better work/life balance. The article mentioned how cybersecurity employees for Microsoft, Amazon, and other large firms frequently have to bring their work home with them and respond to cyber threats on-call.
Personally, I think that if a state’s computer systems were made unavailable and held for ransom, the cybersecurity professionals working for that state would be forced to start working immediately, but I could be wrong.
In brief summary, state governments are having a harder time hiring cybersecurity employees than the federal government and private firms because they can’t offer as much money, their training programs are less developed, and they don’t market themselves as well as their competition. Unfortunately for them, cybersecurity is just as necessary (if not more so) as it is for many of their competitors, so hopefully state governments across the country figure out ways they can be more competitive in the hiring process in the near future.
https://apnews.com/article/business-technology-internships-0d7fc0ee18295585292b2e13b62e88f3
Olayinka Lucas says
That’s Not the U.S. Department of Transportation; It’s A Phishing Attack
A phishing campaign is impersonating the U.S. Department of Transportation (USDOT), according to INKY (creators of the INKY phish fence and solution providers to zero-day phishing attacks). The campaign targets infrastructure contractors who are eager to bid for a contract because of the U.S. Senate’s recent signing of the $1 trillion infrastructure bill on Tuesday, August 10, 2021.
The phishing emails contain links that lead to a phishing site informing users that the U.S. Department of Transportation “is seeking quotations from businesses (RFQ) for ongoing government infrastructure projects that may kick off soon.”
The site then asks interested users to proceed to “BID” by clicking on the BID button and signing in with their email accounts to connect to the USDOT network. The phishing site is an exact clone of the USDOT’s website, and the instructions are obvious and convincing. The instructions also tell the victim to contact a USDOT email address that the attackers created and control. This is now very common in the phishing universe, wherein a service is used as an attack. I believe the terminology is “Phishing-as-a-Service.”
Reference:
https://blog.knowbe4.com/thats-not-the-us-department-of-transportation-its-a-phishing-attack
Miray Bolukbasi says
Since our lecture topic will be security awareness and training this week, I picked a relevant article that would address some of the real-life issues in the lack of SETA. The article simply talks about the increase in cyberattacks since organizations in the UK transformed their business operations to online during the COVID-19 outbreak. The president of the EU Commission warns employers about attackers that are attracted by remotely working employees.
Recent research by Promon explains that two-thirds of remote employees have not been given security awareness training in the past 12 months, and 77% of them do not feel worried about cyberattacks that can happen due to the new working conditions. Another interesting statistic, personal mobile usage by 61% while working on company data, also addresses the lack of training and education towards security awareness. The decreased level of security on personal mobile devices increases the vulnerability of the sensitive data.
Phishing examples performed by attackers include attachment-looking ransomware, which employees easily click and download to their devices, or fake links to web pages that can steal sensitive information. The simple but dangerous examples of these attacks easily access the information that should have been protected. Therefore, the article highlights the need for training to ensure security awareness throughout the organization: “Security awareness is not a once-a-year activity; it needs to be an ongoing activity where employees are continually reminded of these threats that are present to identify and report”.
The article mentioned: https://www.itsecurityguru.org/2020/04/23/two-thirds-of-remote-workers-given-no-cybersecurity-training-from-employers-in-the-past-year/
Antonio Cozza says
First, the article briefly reviews the advancing technology across the corporate landscape, specifically talking about network infrastructure and how it needs to be constantly improved to compete in the modern business environment as data gets stored in more diverse, complex forms. It proceeds to discuss the increasingly difficult problem that IT teams are faced with: the balance of desired performance with respect to security that actually abides by policies in practice to safeguard the applications, networks, and user information in a “distributed infrastructure.” The distributed infrastructure in place needs security that is often fragmented around individual elements which cannot effectively, if at all, interoperate. This issue provides attackers with larger attack surfaces via security gaps and inconsistencies. The author argues that the solution is ZTA, or zero trust architecture, which would fill in these security gaps and unify the dynamic and divided environment under one consistent security solution by “securing access to everything, whether inside or outside the core network.” It also monitors any device requesting resource access. With many observing the large number of remote workers and a possible increase in it, Zero Trust Network Access, ZTNA, is a network application of ZTA that “extend[s] secure access controls to critical applications for any user or device, per use, whether they are on or off the network.” Furthermore, it also validates credentials by observing whether the device has permission to access the network. If it is decided that it does indeed, an encrypted tunnel connection is then created along with logs, and the connection is monitored. It would be interesting to see this become a widespread solution, as the author argues it will be, as it addresses many common concerns that are relevant right now considering many workers with remote network access, as well as cloud security.
article link:
https://www.securityweek.com/working-securely-anywhere-zero-trust
zijian ou says
“To avoid cyberattacks, companies need to think like hackers.”
1. Analyze and prioritize digital assets
The best defense starts with analyzing an organization’s assets and the potential cost of an attack from a business perspective. For example, when a website is restored from a backup (when customers complain about inaccessibility on social media), an attack that takes an organization offline for hours is an attack that an organization needs to invest a lot of effort to prevent. At the same time, attacks that destroy servers containing unused or old applications are less worrying.
2. Think like hackers
Understanding the psychology of hackers is crucial. Hackers will look for the highest quality assets that provide the lowest resistance. To prevent attacks, companies need to devote most of their security efforts, resources, and budgets to protecting the server and setting up more barriers to access the server. Attacking a server with multiple layers of defense is more work, so hackers are more likely to focus on an easier target. The organization’s first task must be to establish defensive measures for critical assets so that hackers will divert their attention elsewhere.
3. Constant review and adjustment
Many cyber security plans do not consider the fact that modifications should be made and changes implemented often. A good security plan needs to be constantly reviewed and updated. Most organizations plan and execute a long-term project and do not build in the agility and flexibility required for the updates that should be made continuously.
Reference:
https://www.helpnetsecurity.com/2021/09/28/companies-think-like-hackers/?web_view=true
Richard Hertz says
The article I chose this week is about the ongoing importance of measuring and showing the value of security awareness training. As practitioners we can be blind to the fact that other people might not be aware of the importance of security awareness. It is second nature to us and therefore sometimes surprising that people don’t immediately see the importance of this kind of training. This article talks about a 3-step approach to defining measures inside an organization: 1) Establish a Vision 2) Develop Outcome-Driven Measures 3) Link the Operational Outcomes to Business Benefits. I liked the fact that #3 was called out explicitly. If this is not done, then security can be relegated to the level of ‘overhead’, which most organizations aggressively seek to minimize. However, shifting the value of security awareness training by showing business benefits changes the conversation!
https://www.cybersecuritydive.com/news/gartner-security-awareness-training/601735/
Dan Xu says
I agree with your points. I learned the importance of the value of security awareness training through this week’s assignment. People tend to overlook common security prevalence issues. If security is improved by prevention before all problems begin, then the cost required to patch vulnerabilities later is reduced.
Dan Xu says
“This Android Trojan Stole Millions of Dollars from Over 10 Million Users”
Android’s seemingly harmless Trojan has stolen millions of dollars from more than 10 million users. Zimperium zLabs refers to the malicious Trojan as “GriftHorse”. The money-making scheme has been actively growing since November 2020, with victims in various countries, such as Australia, Canada, China and others. The malicious application caters to a variety of categories, which is why it scales up its attacks. When looking at store descriptions and requested permissions, these malicious Android apps charge users monthly for premium services they subscribe to without their knowledge and consent. The programs were removed after disclosure to Google. But they continue to be available in untrusted third-party app repositories, again highlighting the risks associated with side-loading arbitrary apps and how they can be a pathway for malware intrusion.
https://thehackernews.com/2021/09/beware-this-android-trojan-stole.html
kofi bonsu says
The article basically talks about cybersecurity as a global phenomenon representing a complex socio-technical challenge for governments, but demanding the involvement of all manner of individuals to participate in its eradication process. Though cybersecurity is primarily thought to be one of the most important challenges faced by governments today, the visibility and public awareness increasingly remain limited in their determinations. Almost everybody has heard of or talked about cybersecurity every day, yet the sense of urgency and behavior of persons do not reflect the high level of awareness being bandied about. And that is why it is becoming absolutely necessary that everyone must own it as a responsibility to do his or her part. The Internet is all too often considered a safe environment for sharing information, transactions and controlling the physical world. Yet cyberwars are already ongoing, and there is an urgent need to be better prepared for eventualities. The inability to frame cybersecurity has resulted in a failure to develop suitable policies. This article discusses the challenges in framing policy on cybersecurity and offers strategies for better communicating cybersecurity. Communicating cybersecurity is beset with paradoxes, which has resulted in society not taking appropriate measures to deal with the threats. The limited visibility and awareness of the threat, socio-technological complexity, ambiguous impact and the contested nature of fighting cybersecurity complicate policy-making to avert its resultant repercussions.
The article can be accessed at https://www.sciencedirect.com/science/article/pii/S0740624x17300540.
Ornella Rhyne says
This article is about a data breach that was investigated at the US truck maker Navistar, exposing employee healthcare information. Basically, they learned of a security incident and decided to hire experts to investigate. This incident happened in May, and by the end of May the experts found out that an unauthorized third party had accessed and taken certain data from Navistar’s IT systems.
https://portswigger.net/daily-swig/navistar-confirms-data-breach-involved-employee-healthcare-information?&web_view=true
Victoria Zak says
As of September 24, 2021, Apple’s iCloud Private Relay feature could leak a user’s IP address. This can happen when a user does not have the most up-to-date operating system version. The article states, “if you read the IP address from an HTTP request received by your server, you will get the IP address of the egress proxy. Nevertheless, you can get the real client’s IP through WebRTC.” WebRTC is Web Real-Time Communication.
The new update, iOS 15, can protect Apple users’ IP addresses, locations, and DNS requests from websites and network service providers. Unfortunately, the article mentions “the leak has remained unpatched when using iCloud Private Relay on iOS15.”
It is recommended that Apple users turn off JavaScript in the web browser.
Reference:
https://thehackernews.com/2021/09/apples-new-icloud-private-relay-service.html
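As an added example (not from the article, Apple, or the researchers it cites), a small self-check that parses ICE candidate lines from a WebRTC SDP and flags any candidate whose address is a routable client address other than the egress proxy; the SDP lines and the proxy address are constructed, and the address classification is simplified.

```javascript
// Added example: classify ICE candidates from an SDP offer/answer to see whether
// any candidate exposes a client address other than the relay's egress proxy.
// All addresses below are constructed (documentation TEST-NET ranges).

// Parse one "a=candidate:" line into its fields (RFC 8839 grammar, simplified).
function parseCandidate(line) {
  const m = line.match(/^a=candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)/);
  if (!m) return null;
  return { foundation: m[1], component: Number(m[2]), protocol: m[3].toLowerCase(),
           priority: Number(m[4]), address: m[5], port: Number(m[6]), type: m[7] };
}

// Addresses that do not reveal a routable client address: RFC 1918, loopback,
// link-local, CGNAT, unspecified, mDNS (.local) names, IPv6 loopback/link-local/ULA.
function isMaskedAddress(addr) {
  if (addr.endsWith('.local')) return true;
  const v4 = addr.match(/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/);
  if (v4) {
    const [a, b] = [Number(v4[1]), Number(v4[2])];
    return a === 10 || a === 127 || (a === 169 && b === 254) ||
           (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168) ||
           (a === 100 && b >= 64 && b <= 127) || addr === '0.0.0.0';
  }
  const v6 = addr.toLowerCase();
  return v6 === '::1' || v6 === '::' || v6.startsWith('fe80:') ||
         v6.startsWith('fc') || v6.startsWith('fd');
}

// Return candidates whose address is a public client address differing from the
// egress proxy. Relay candidates carry the TURN server's address, not the client's.
function findExposedAddresses(sdp, egressProxyIp) {
  const exposed = [];
  for (const line of sdp.split(/\r?\n/)) {
    const c = parseCandidate(line.trim());
    if (!c || c.type === 'relay' || isMaskedAddress(c.address)) continue;
    if (c.address !== egressProxyIp) exposed.push({ address: c.address, type: c.type });
  }
  return exposed;
}

// Constructed sample: an mDNS-masked host candidate, a server-reflexive candidate
// that reveals a public address, and a relay candidate (the TURN server itself).
const SAMPLE_SDP = [
  'a=candidate:1 1 udp 2122260223 3f9b5c2e-aaaa-bbbb-cccc-123456789abc.local 54321 typ host generation 0',
  'a=candidate:2 1 udp 1686052607 203.0.113.45 54321 typ srflx raddr 0.0.0.0 rport 0 generation 0',
  'a=candidate:3 1 udp 41885439 198.51.100.7 3478 typ relay raddr 203.0.113.45 rport 54321 generation 0',
].join('\n');
const EGRESS_PROXY_IP = '192.0.2.10'; // assumed proxy address as seen by the web server

console.log(findExposedAddresses(SAMPLE_SDP, EGRESS_PROXY_IP)); // [{ address: '203.0.113.45', type: 'srflx' }]
```

In a browser, the candidate lines would come from the `icecandidate` events of an `RTCPeerConnection`; an empty result means every candidate is either masked or matches the proxy address.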
Bernard Antwi says
Security Awareness Training – Keys to Delivering a Successful Program
Security awareness training is no longer a “nice-to-have” for organizations. End users have become a critical component of effective security postures. Employees must have a strong understanding of cybersecurity best practices and learn how to detect and defend against targeted attacks. This shift in priority is needed to address an ongoing trend in the larger threat landscape.
Cybercriminals have moved away from complicated, time-consuming technical exploits to concentrate on end users, a large and frequently vulnerable attack surface. Small or large, nearly every attack now begins in the same way: by relentlessly targeting people through email, social networks, and/or cloud and mobile applications.
https://www.securitymagazine.com/articles/92567-security-awareness-training-keys-to-delivering-a-successful-program