A recent report from the FBI’s Internet Crime Complaint Center (IC3) reveals a significant surge in cyber-crime losses in the first half of 2024. From January to May 2024, the United States experienced $1.5 billion in cyber-crime losses—nearly double the $720 million reported during the same period last year.

FBI security experts are struggling to pinpoint the cause of this increase. The current theories suggest either a failure in government data protection or a rise in sophisticated cybercriminal tactics and higher ransom demands.

In response to these threats, the FBI has launched the ‘Take a Beat’ campaign. This initiative aims to educate the public about the evolving cyber threat landscape and encourage careful online behavior to prevent falling victim to hackers and scammers.

Reporting cyber-crime is crucial. It not only helps federal agencies respond effectively but also informs others about potential threats, enhancing overall network security for both individuals and organizations.

Additionally, a report from Comparitech reveals that hackers have stolen over 6.7 million individual records from U.S. schools and colleges since 2018. This breach, involving data from more than 8,000 educational institutions, has resulted in $2.5 billion in losses due to downtime, hospital costs, and expenses related to hiring experts and negotiating with attackers.

The average downtime for affected institutions has increased significantly, from 6-7 days in 2021 to 13 days in the latest reports, highlighting the growing impact of cyber-attacks even as the world has shifted focus from the COVID-19 pandemic.

Staying informed about new technologies and countermeasures is essential to protecting ourselves from cyber threats.

The post America witnesses $1.5 billion in Cyber Crime losses so far in 2024 appeared first on Cybersecurity Insiders.

Australia’s leading financial institutions are bracing for what could be the most significant cyber attack in the history of the banking sector, with warnings issued by the top four banks. Over the past three years, these institutions have faced relentless assaults, occurring every minute of every day. This barrage has left customers vulnerable to various scams, server disruptions, and the injection of malicious code when visiting certain websites.

The National Australia Banking Group (NABG) has described these attacks as asymmetric digital warfare targeting the country’s banking sector. According to cybersecurity consultant Troy Hunt, cybercriminals have cost Australian online users an estimated $3 billion annually, a figure projected to double in the near future.

“As these attacks escalate into a form of warfare, security experts find themselves reacting to mitigate risks,” Hunt commented.

Despite concerted efforts by banks to fortify their cyber defenses, criminals continue to innovate, evading established security measures. NAB has established a dedicated customer service support unit to gather intelligence on scams and frauds, operating round the clock and handling an average of 1200-1300 crime reports annually.

The Australian Banking Association concurs with NAB’s assessment, acknowledging that financial institutions across the country are engaged in a digital battle that is ultimately impacting customers’ financial security.

In December of last year, Microsoft highlighted a rising trend in AI-driven scams, with criminals exploiting tools such as ChatGPT to clone voices or orchestrate phishing attacks, further endangering Australian businesses and financial systems.

For context, the Big Four banks in Australia—Commonwealth Bank, Westpac, National Australia Bank, and Australia and New Zealand Banking Group (ANZ)—dominate the market in terms of share, customer base, and earnings.

The post Australia loses $3 billion every year to Cyber Crime appeared first on Cybersecurity Insiders.

In recent revelations by Indian police authorities collaborating with counterparts in Sri Lanka and Singapore, a disturbing trend has emerged: hacking syndicates are preying on unsuspecting graduates by enticing them with lucrative data entry positions in countries like Cambodia, Singapore, Bangkok, Malaysia, or Vietnam, only to coerce them into cybercrime activities.

The modus operandi is unsettlingly simple: these criminal groups promise high-paying data entry roles to hopeful job seekers, providing them with basic necessities upon arrival in countries like Cambodia. However, once settled, these individuals are coerced into engaging in fraudulent schemes such as digital scams and cyber campaigns.

Many of these recruits initially sought legitimate employment opportunities after receiving training in data entry, only to find themselves ensnared in criminal activities like creating fake social media profiles to deceive innocent victims or manipulating individuals into cryptocurrency schemes, ultimately defrauding them of their finances.

Resistance is met with severe consequences. Those expressing reluctance are subjected to physical violence or starvation until they capitulate and sign documents further entangling them in criminal activities. These signed agreements, later used to implicate the coerced individuals in drug or human trafficking, carry hefty penalties and lengthy prison sentences, compelling compliance or leading to tragic outcomes like suicide due to the emotional turmoil endured.

Those who succumb to the pressures of cybercrime are promised a monthly salary of $400, payable after 45 days, with the intention of transferring funds to family members back home. Exploiting lax enforcement of laws in underdeveloped countries, except for Malaysia and Singapore, these criminal enterprises, mostly operated by Chinese individuals, reap substantial profits.

The question arises: how are these recent graduates enticed into such criminal enterprises? Through social media or SMS, promising job opportunities like data entry or virtual assistant positions are advertised, only to ensnare unsuspecting individuals upon arrival.

Compounding the issue, evidence of the crimes is digitally fabricated, leaving victims vulnerable to legal prosecution without implicating their employers or influencers.

In light of these alarming trends, caution is advised when encountering job offers via platforms like WhatsApp or social media. What may appear as a promising opportunity could well be a trap leading to dire consequences.

The post Data Entry Job Offers in Southeast Asia Could Be Cyber Crime Traps appeared first on Cybersecurity Insiders.

The Indian Ministry of External Affairs has issued a stern warning regarding a surge in cybercrime activities under the guise of fraudulent job offers. According to the government, a concerning number of young individuals are being enticed with false promises of employment opportunities, only to find themselves coerced into criminal activities upon arrival in Cambodia.

This alarming trend encompasses two distinct forms of criminality: firstly, the deceptive recruitment of unemployed youths with enticing yet counterfeit job prospects, and secondly, their subsequent manipulation into participating in cybercrime operations.

The Cambodian government was the first to identify this growing menace and promptly notified Indian authorities, leading to collaborative efforts to rescue and repatriate over 250 Indian nationals, with 75 individuals rescued in the past three months alone.

It has come to light that the perpetrators behind these nefarious schemes have been exploiting popular professional networking platforms such as LinkedIn to lure unsuspecting victims. While similar tactics have been attributed to criminal elements from North Korea and China in the past, previous instances did not involve coercing victims to engage in criminal activities abroad.

This recent development represents a dangerous escalation, as it involves the involuntary recruitment of youths into cybercriminal activities.

Furthermore, this criminal enterprise appears to be intricately linked to other illicit operations, including human trafficking, passport forgery facilitated by corruption, telecom fraud, and various other offenses. This interconnected web not only victimizes individuals but also poses a significant threat to national security, as coerced individuals may, in turn, be compelled to recruit others or engage in fraudulent activities to sustain themselves.

Despite concerted efforts by various Western governments to combat such criminal enterprises, they persistently resurface, demonstrating a resilient and adaptable nature.

The post Indian government issues cyber crime alert in view of job offers appeared first on Cybersecurity Insiders.

Third-party cyber-attacks remain one of the most significant threats facing organisations across the globe. Most recently, Bank of America, a multinational investment banking and financial services corporation, began notifying customers that a November 2023 hack against one of its service vendors resulted in the exposure of personally identifiable information (PII). 

The breach occurred following a security incident against Infosys McCamish Systems (IMS), a subsidiary of Infosys that provides deferred compensation plan services to Bank of America. According to the IMS notification letter filed with the Maine Attorney General, “On or around November 3, 2023, IMS was impacted by a cybersecurity event when an unauthorized third party accessed IMS systems, resulting in the non-availability of certain IMS applications.” 

The notice revealed that while only 57,028 of Bank of America’s millions of customers were directly impacted in the breach, the PII exposed included Social Security Numbers, credit card and account numbers, as well as names, and addresses. An incendiary mix of data—one that could be easily leveraged by threat actors to launch social engineering attacks against any and all of the impacted individuals. 

Then, on November 4th, IMS notified Bank of America that data relating to their customers may have been exposed. The infamous ransomware gang, LockBit, on the same day claimed responsibility for encrypting over 2,000 IMS systems in the attack.  

“Vendor risk is continuing to become more of a concern,” commented Erich Kron, Security Awareness Advocate at KnowBe4. “Bad actors are finding that attacking the large organizations with significant budgets for cybersecurity and data protection can often be less effective than attacking those that process the same information but may not have the same budget to protect it.” 

While Kron explained that using third-party vendors isn’t a bad thing on its own, he also pointed out how “it’s critical to ensure that policies and procedures exist related to the protection of any data being shared. Making sure that contracts define what information is being processed and how long it’s been retained is a very important part of this data management with third parties. In addition, information should be limited as much as possible and anonymized whenever it’s an option.” 
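Kron’s points about limiting and anonymising the information shared with a vendor can be made concrete. The following is an added example, not code from the article or from KnowBe4: it pseudonymises a constructed deferred-compensation record before it would be handed to a third party, replacing the Social Security Number with a keyed token so that only the data owner can re-link records, masking the account number to its last four digits, and dropping fields the vendor has no business need for. The field names, the sample values and the key handling are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample record of the kind a benefits or payroll vendor might
# receive. All values are fabricated and the field names are assumptions.
SAMPLE_RECORD = {
    "employee_id": "E-10422",
    "name": "Jane Q. Sample",
    "ssn": "123-45-6789",
    "account_number": "4111111111111111",
    "address": "1 Example Street, Springfield",
    "plan_balance": 15230.50,
}

# Fields the vendor needs only as a stable join key, never in clear text.
TOKENIZE_FIELDS = ("ssn",)
# Fields where only the tail is operationally useful (e.g. matching statements).
MASK_FIELDS = ("account_number",)
# Fields the vendor has no business need for at all.
DROP_FIELDS = ("address",)


def tokenize(value: str, key: bytes) -> str:
    """Keyed pseudonym via HMAC-SHA256. The vendor cannot reverse it, while the
    data owner holding the key can recompute it to re-link records. An unkeyed
    hash would not do: the SSN input space (10^9) is trivially brute-forced."""
    normalised = "".join(ch for ch in value if ch.isalnum())
    return hmac.new(key, normalised.encode(), hashlib.sha256).hexdigest()


def mask_tail(value: str, keep: int = 4) -> str:
    """Keep only the last `keep` digits, replacing the rest with asterisks."""
    digits = "".join(ch for ch in value if ch.isdigit())
    return "*" * (len(digits) - keep) + digits[-keep:]


def minimize_record(record: dict, key: bytes) -> dict:
    """Produce the vendor-facing copy: tokenised, masked, or dropped per field."""
    out = {}
    for field, value in record.items():
        if field in DROP_FIELDS:
            continue
        if field in TOKENIZE_FIELDS:
            out[field + "_token"] = tokenize(str(value), key)
        elif field in MASK_FIELDS:
            out[field] = mask_tail(str(value))
        else:
            out[field] = value
    return out


def leaks_raw_identifiers(record: dict, original: dict) -> bool:
    """Release gate: True if any original sensitive clear-text value survives
    anywhere in the outgoing record."""
    sensitive = [str(original[f]) for f in TOKENIZE_FIELDS + MASK_FIELDS + DROP_FIELDS]
    blob = " ".join(str(v) for v in record.values())
    return any(s in blob for s in sensitive)


if __name__ == "__main__":
    # In practice the key lives in the data owner's secrets store; generated
    # here only so the demo runs stand-alone.
    key = secrets.token_bytes(32)
    shared = minimize_record(SAMPLE_RECORD, key)
    print(shared)
    print("safe to share:", not leaks_raw_identifiers(shared, SAMPLE_RECORD))
```

The gate at the end is the part worth keeping in a real pipeline: it turns Kron’s “limited as much as possible” into a check that fails loudly before anything leaves the organisation, rather than a policy sentence in a contract.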

Interestingly, this is not the first time Bank of America has been impacted by a third-party cyber-attack. In May 2023, Ernst & Young, an accounting firm providing services to the bank, was hacked by the Cl0p ransomware gang by way of the MOVEit file transfer zero-day exploit. In this incident, personal data like SSNs and financial information of Bank of America customers were also exposed.  

The fallout from the MOVEit hack was explosive, impacting mainly third-party vendors and, as a result, their many, varied customers.  

Indeed, Ray Kelly, fellow at the Synopsys Software Integrity Group, said, “[The MOVEit] issue caused massive amounts of stolen data from large organisations and even the US Government. Ensuring the trust chain between organisations, while not a simple task, is essential to protecting consumers’ private information.” 

Hackers have certainly cottoned on to the weakness of third-party, supply-chain vendors. Where big enterprises like Bank of America most likely have mature cybersecurity protocols, vendors like IMS might not prioritise cyber posture like they ought to. But really—they ought to. The malicious moxie of cybercriminals and cybergangs continues to evolve daily. Vendors can no longer afford to neglect cybersecurity.

As Tom Kellermann, SVP of Cyber Strategy at Contrast Security, commented, “By targeting these less secure vendors [cybercriminals] can successfully compromise major banks. The regulators must mandate higher standards of cybersecurity for shared service providers.” 

And yet, this doesn’t absolve organisations like Bank of America from responsibility either. Sure, IMS (and previously, Ernst & Young) were the actual hacked parties, but it was Bank of America customers that were impacted. Did the bank do its due diligence to ensure that data was being handled by vendors in a sophisticated manner? In the wake of these events, the answer is probably no. The question then becomes: how much longer will banks, enterprises, and even government organisations accept lacklustre cybersecurity standards from their vendors?

Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, commented, “Financial institutions, particularly banks, have long been prime targets for cybercriminals due to the vast amount of sensitive information they hold. This breach underscores the need for financial institutions to adopt a proactive approach to cybersecurity, embracing continuous monitoring and threat intelligence capabilities to detect and respond to threats in real-time.”  

Al Lakhani, CEO of IDEE, added, “Protecting the supply chain is critical. Especially when they can cause these kinds of attacks. Therefore, relying on first generation MFA that requires two devices and lacks the capability to prevent credential phishing attacks is a non-starter.  

“To fortify supply chains effectively, they must be protected using next-generation MFA solutions, which protect against credential, phishing and password-based attacks, including adversary-in-the-middle attacks by using same device MFA.” 

Darren James, a Senior Product Manager at Specops Software, an Outpost24 company, commented, “When outsourcing services to 3rd parties that handle personally identifiable or sensitive information, both for employees and customers, appropriate risk assessments should always be made.”

In fact, James suggested asking the following questions when it comes to risk assessing third parties:  

  • Do they regularly scan for breached passwords? 
  • Do they have strong MFA controls in place especially with access to customer data? 
  • Do they scan the internal and external attack surface of their IT systems? Can you see a summary of recent results? 
  • Where is the data held, under which country’s jurisdiction, and is your data always encrypted in transit and at rest?
  • What security, backup, disaster recovery policies and procedures do they have in place? 
  • Do they comply with regulatory requirements for your industry? 
  • What guarantees and insurance do they offer if their systems are compromised? 
  • Do they outsource your data to any other parties? 

Sean McNee, VP of Research and Data at DomainTools, concluded, “The deeply interconnected nature of running business online generates tremendous value for consumers and business owners alike, but it also fundamentally changes the threat landscape businesses must defend themselves against. Supply chain attacks such as this highlight the unique challenges operating today. Unfortunately, customers end up suffering long term effects from these events.” 

“Stay frosty out there,” McNee warned. The best thing consumers can do is to stay vigilant, alert, and proactive. And, if you are one of those impacted, make sure to take advantage of that free credit monitoring service.

The post Cyber gaps in the supply chain — Bank of America breached in another vendor cyberattack first appeared on IT Security Guru.

Scotland’s police have officially declared a troubling surge in cyber crime within their jurisdiction, indicating a doubling of incidents compared to the previous year. This alarming trend is expected to escalate further in the coming months. The proliferation of technologies such as ChatGPT, which are being harnessed by criminals for online fraud and financial scams, has contributed significantly to this rise, surpassing all other forms of fraud detected by law enforcement.

Recent figures released by the Scottish Mail underscore the evolution of cyber crime over the past 18 months, with reported online fraud cases soaring to 17,000, a stark contrast to the mere 3,000 incidents recorded in 2021.

Of particular concern is the targeting of individuals aged 15 to 40, with tragic consequences exemplified by a teenager who took her own life after falling victim to a threat actor who not only drained funds from her online wallet but also coerced her into sharing intimate photos for blackmail purposes.

Mark Thatcher, a security researcher based in France and formerly active as a black hat hacker, expressed empathy for the plight of innocent online users who are increasingly losing confidence in their digital interactions due to the relentless exploitation by cyber-criminals.

The fear of cyber crime extends beyond individuals to businesses, with approximately 1% of them forced to permanently close their doors as a result of being targeted by various threats, including insider breaches, ransomware attacks, phishing schemes, and espionage efforts by state-sponsored actors.

To mitigate the risk of falling victim to cybercrime, adopting proactive measures is imperative. This includes employing strong passwords, regularly updating software, utilizing secure internet connections such as 4G or 5G instead of Wi-Fi, refraining from clicking on links from unknown sources via SMS or email, implementing two-factor authentication, refraining from sharing personal information such as birthdates and bank account numbers on social media platforms, and utilizing a VPN for browsing. By adhering to these best practices, individuals and businesses can effectively combat the spread of cyber threats and safeguard their online presence.

The post Cybercrime in Scotland upsurges like an Epidemic appeared first on Cybersecurity Insiders.

  • The majority of large enterprises spend an average of 3-5 months integrating and training teams on each new security solution – at the expense of threat hunting, vulnerability scanning and security awareness training 
  • However, major contradictions are rife, with 76% believing more tools equate to better security 

Attitudes to cybersecurity within the UK’s largest organisations are highly contradictory and risk exacerbating existing risks, stress, and inefficiency, new research from SenseOn has today revealed. The research, which surveyed 250 IT and Security decision makers at UK and Irish companies with more than 250 people, uncovered that the vast majority still subscribe to the belief that ‘the more cybersecurity tools you purchase the more protected you are’, despite new tools taking an average of 2.4 months to adopt, taking away from other critical activity including threat hunting and security awareness training. The study also found that two thirds of respondents from the largest organisations (5,000-10,000 employees) see third party risk as a primary challenge, presenting a further contradiction to the perception that more tools improve security.

This speaks to a security ecosystem where organisations feel compelled to buy tools to feel better protected, only to find themselves concerned about the necessary exposure of having more suppliers and vendors, and with months in cybersecurity limbo, dedicating even more time to adopting the new tools, rather than using them.

The problem of new tools being hailed as a solution to security problems is further compounded by a chronic lack of staff to adopt – and subsequently manage – these tools. At a time when security professionals are already overwhelmed and under-resourced, new tools can place additional demands on already stretched teams. 

Corresponding to this narrative, the same poll of security professionals also found that 95% of respondents believe that stress is impacting staff retention in their organisation. When polled on what technologies would reduce this stress, 83% of respondents highlighted ‘tools that use AI to automate security activity’ and 81% opted for security awareness training. 

“The research supports something lots of people working in the industry already know: Cybersecurity is broken,” said David Atkinson, Founder and CEO of SenseOn. “Such a large majority of security leaders reporting their companies’ reliance on tools in place of a security strategy is a huge concern.

“The tools they are purchasing are expensive, time-consuming to launch, and are not built to integrate with each other. This means that despite spending huge amounts of time and money on them, they do not make an organisation safer – particularly when considering the justified concerns many of these leaders share regarding their supply chain risks. Companies should look to solve these issues by partnering with vendors that can unify multiple security disciplines under a single unified product, which can reduce costs, blindspots, and alleviate much of the stress security teams are currently experiencing.”

The post Fragmented cybersecurity vendor landscape is exacerbating risks and compounding skills shortages, SenseOn research reveals first appeared on IT Security Guru.

New research conducted by e2e-assure indicates that a significant proportion of mid-sized companies, approximately 59%, express diminished confidence in their ability to detect cyber threats. This contrasts with just over half of enterprises, where 52% share this concern.

Ensuring robust protection against cyber threats has become an urgent imperative for companies, given the escalating challenges posed by ransomware attacks. E2e-assure’s research reveals that a substantial majority, 75%, of Chief Information Security Officers (CISOs) and key decision-makers in the realm of cybersecurity have encountered cyberattacks. Moreover, the frequency of security breaches shows no sign of abating. According to a recent study by GOV.UK, a fifth of businesses admit to experiencing breaches or attacks on a weekly basis over the past year.

Despite the fact that mid-sized companies are more inclined to outsource their cybersecurity operations, at 57%, the research indicates that they fare poorly in comparison to enterprises. To be precise, 47% of mid-sized companies report that their service provider is underperforming, as opposed to 37% of enterprises. This might explain why only 22% of mid-sized firms believe they possess the resilience needed to withstand cyber threats.

In terms of contract flexibility, 62% of mid-market companies claim to lack contracts that can adapt to changes in the initial agreement, while only 46% of enterprises face this issue. Furthermore, 66% of mid-sized companies lack transparent pricing from their service provider, compared to 44% of large organizations.

The survey also highlights that services are less likely to be tailored for mid-sized organisations. For instance, 57% of mid-sized companies are less likely to benefit from client-centric delivery teams, in contrast to 50% of enterprises. Over half, 58%, of mid-sized organisations do not have access to tools that can be customized to meet their specific business needs, compared to 50% of enterprises.

This discrepancy means that mid-sized organisations are not enjoying the same level of specialist expertise as their enterprise counterparts, potentially leaving them at a higher risk of security compromise.

According to Rob Demain, the CEO of e2e-assure: “Our report aimed to unveil the insights of CISOs and decision-makers regarding the performance of their security operations in a year that has proven to be monumental for cybercrime. While mid-sized organisations are the most prominent outsourcers in our study, the majority express dissatisfaction with their current support, highlighting the critical need for a shift in service and commercial offerings from cybersecurity providers to better assist mid-sized companies in safeguarding against breaches.”

Nonetheless, with nearly one-third (29%) of mid-sized companies indicating their intention to seek outsourced cybersecurity providers in their next procurement cycle, there is evidently a strong desire among cybersecurity professionals to entrust more responsibilities to external experts.

The findings underscore the necessity for a transformation in the services offered by providers, leading to the emergence of five key themes for rejuvenating cyber defence in 2024:

1. Providers must demonstrate their value.
2. Security teams will need to relinquish more control to trusted providers.
3. Contracts should be more commercially flexible.
4. Flexibility in services and tools becomes a priority for organizations.
5. Quality cyber defence needs to become more accessible to organisations of all sizes.

To read the full report which also reveals the rise of hybrid cyber security models, the key frustrations of cyber security teams and advice on how they can stay ahead of cyber threats, click here.

The post More than half of mid-sized firms lack confidence in tackling cyber threats finds new report first appeared on IT Security Guru.

International Cyber Expo has announced its programme for the annual Global Cyber Summit, sponsored by Sonatype, OpenText, and Infoblox, and hosted at Olympia London on the 26th and 27th of September 2023. The summit returns with greater international appeal. Among other topics of discussion, guest speakers will provide the Ukrainian perspective on cyber security, in light of recent geopolitical events.

With opening remarks by Professor Ciaran Martin CB, Chair of International Cyber Expo’s Advisory Council, the Global Cyber Summit assembles some of the industry’s greatest minds to review ongoing cyber threats, priorities and challenges. Uniquely, the programme this year invites advisors closely associated with Ukrainian government agencies to present their invaluable insight into the reality and impact of Russian cyber-attacks on the country and beyond. 

Special guest speakers include Oksana Kharchenko, a member of YouControl – a Ukrainian team of developers creating services for business analysis – who will delve into the challenges of managing sanctions risk in the current geopolitical setting. Andrew Hural, Director, MDR of UnderDefense – a prominent cyber security company offering pro bono services to Ukrainian government entities – will also reflect on the last 500 days of Russian cyber operations, determining the successes and failures of their espionage. 

Other globally pertinent subject matters will be discussed by world-renowned experts as well. 

Below are a few agenda highlights: 

  • Nicola Whiting MBE, co-owner of Titania Group, will reveal why diversity and inclusion efforts might be stalling, and provide a new framework.
  • Theresa Deumchen, Tech Policy Associate at Global Counsel, examines the regulatory landscape concerning generative AI.
  • Alexsander Gorkowienko, SecurityLabs Senior Managing Consultant at Spirent Communications, will explain how EU security regulations, such as the NIS 2 Directive, might affect businesses across the region.
  • Jake Moore, Global Cyber Security Advisor at ESET, sheds light on his attempt to manipulate recruitment staff, land a job inside a company and gain full access to their data.
  • Stewart Bertram, Head of Cyber Threat Intelligence at Elemendar, utilises a mix of case studies and theories to expose the crossover between misinformation and cyber threat operations.
  • Rashik Parmar, Group CEO of BCS, The Chartered Institute for IT, and Dr Saritha Arunkumar, IBM Public Cloud Worldwide Technical Leader – Security, sit together on a panel to address the question: What does the rise of AI and quantum computing mean for the future of cyber security?
  • Charlotte Hooper, Helpline Manager at The Cyber Helpline highlights the impact of cybercrime on individuals and what can be done to support them.

Attendees of the Global Cyber Summit can also take advantage of scheduled talks at the co-located International Security Expo. In fact, Joel Aleburu at Microsoft will be speaking here about the role of cyber espionage in terrorist activities on the first day of the event; while Joe Wrieden, Intelligence Analyst at Cyjax will assess the key role of Advanced Persistent Threats (APTs) in serious and organised crime on the second day.

“It has been an absolute delight and honour to curate International Cyber Expo’s Global Cyber Summit agenda, once again. We received a substantial influx of speaker submissions, far surpassing that of last year, which only goes to prove the event’s success since its inaugural launch last year,” said Philip Ingram MBE, former senior British Military Intelligence Officer and Content Lead for International Cyber Expo. “We have a phenomenal schedule of speakers, tackling a number of timely topics from AI and quantum computing to the Ukrainian experience amid its Russian invasion. Equally important, and what makes the Summit one-of-a-kind, is the opportunity for audiences to explore the overlapping nature of these issues in the cyber and physical worlds, considering International Security Expo is just down the hall.”

All sessions are CPD Certified. 

While it continues to be refined, you can find the latest Global Cyber Summit programme and details about speakers, here: https://www.internationalcyberexpo.com/international-security-conference 

To register for FREE as a visitor: https://ice-2023.reg.buzz/eskenzi

The post Programme for International Cyber Expo’s Global Cyber Summit 2023 Announced appeared first on IT Security Guru.

This week, it was discovered that cybercriminals had exploited an ongoing vulnerability in Progress Software’s MOVEit file transfer app to infiltrate the systems of payroll company, Zellis. According to its website, 42% of the FTSE 100 are Zellis customers and over £28bn is paid each year through its Managed Services.

This eventually led to a widespread ransomware attack impacting at least eight customers including the BBC, British Airways, Aer Lingus and Boots; all of whom have been given an ultimatum to begin ransom negotiations before the 14th of June or see hundreds of thousands of their employees’ data published online. Data stolen comprises national insurance numbers, home addresses and even bank details.

Russian ransomware gang, Clop, have taken responsibility for the attack and have suggested that they have information on hundreds of companies.

Commenting on the news, Simon Newman, Advisory Council member of International Cyber Expo said:

“Many larger organisations have invested heavily in boosting their own cyber security over the past few years, making it more difficult for cyber-criminals to find a way in. As a result, cyber criminals are increasingly shifting their focus onto supply chains which are often long and complex.

The ability to compromise the security of a supplier not only provides a potential back door into larger organisations, but as the third party is likely to provide products or services to other companies as well, it means that the scale and the scope of the attack is far greater.

Despite this, according to the Cyber Breaches Survey 2023, only 13% of businesses regularly review the risks posed by their immediate suppliers. The National Cyber Security Centre (NCSC) recently published new guidance on supply chain security to improve awareness and promote the adoption of good practice.”

Ray Kelly, Fellow at Synopsys Software Integrity Group added:

“This is a significant breach that demonstrates the importance of the software supply chain when it comes to data privacy. In this incident, a single vulnerability in a piece of software run by a third-party vendor led to the compromise and exposure of personal employee data across multiple organisations that the vendor services. The depth of this breach is still being investigated, but it will be interesting to see how GDPR will assess fines for the various organisations involved in this incident, as the software supply chain aspect certainly complicates matters.”

For Javvad Malik, lead security awareness advocate at KnowBe4, the attack is a “grim reminder of the sheer value of data in the hands of malicious actors. Cybercriminals know organisations cannot afford to lose critical data, causing undue pressure to pay large ransoms. This once again highlights the crushing effect of data breaches on modern organisations; a fact that hackers are acutely aware of.”

He therefore advises organisations to “implement robust security measures that include multi-layered cybersecurity defences, employee cybersecurity awareness training, and a tested incident response plan. The key message remains clear, we must prioritise our data and adequately invest in its protection.”

Moreover, Newman cautions the affected companies against paying the ransoms, concluding:

“Paying ransoms to cyber criminals does not guarantee that all the data will be returned. In fact, in most cases, it’s extremely rare and may simply expose you to further ransomware attacks in the future.”

The post Clop Ransomware Gang Extorts Household Names including BBC, British Airways and Boots appeared first on IT Security Guru.