Cyber Security Today, July 27, 2022 – Cyber attacks are increasing, the cost of a data breach is increasing and more

Cyber attacks are increasing, the cost of a data breach is increasing and more.

Welcome to Cyber Security Today. It’s Wednesday, July 27th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

If you think the pace of cyber attacks is increasing, you’re not wrong. According to Check Point Software, the average number of weekly attacks faced by organizations in the second quarter was up 32 per cent compared to the same period last year. In part that’s due to threat actors trying to take advantage early in the year of organizations that hadn’t patched the Log4j2 vulnerability, and partly due to the cyber war coming from the Russian invasion of Ukraine. Ransomware attacks are up 59 per cent compared to last year. Interestingly, organizations in Africa, Asia and Latin America face the most attacks. A North American firm faced an average of only 845 attacks in a week.

The cost of a data breach continues to rise. That’s according to research by IBM and the Ponemon Institute. The 550 organizations studied around the world that suffered a breach in the 12-month period ending in March paid an average of US$4.35 million to mop up from the attack. That’s up 2.6 per cent from the previous year. The cost was higher for firms in critical infrastructure such as banks, utilities, government and healthcare. In Canada the average cost of the 25 organizations studied was US$5.4 million. Use of stolen or compromised credentials remains the most common cause of a data breach.

Speaking of data breaches, phishing and software vulnerabilities remain the top two ways hackers defeat defences. According to new research from Palo Alto Networks, employees falling for phishing lures were the suspected start of 37 per cent of successful attacks. Thirty-one per cent of attacks started by exploiting software vulnerabilities. Brute forced or previously compromised credentials accounted for 15 per cent of initial access.

Administrators of e-commerce sites using the open-source PrestaShop platform have been warned to update the application immediately to close serious vulnerabilities. Attackers can leverage a SQL injection vulnerability to inject a fake payment form into a website and scoop up payment card data entered by customers.

A Pennsylvania-based convenience store chain will pay US$8 million to several states over a 2019 data breach. The chain, called Wawa, didn’t take reasonable security measures to prevent hackers from installing malware, the states alleged.

Organizations that use Facebook’s Ads and Business platforms are being targeted by a threat actor for stealing corporate information. That’s according to researchers at WithSecure. It believes the hackers are targeting and phishing employees on LinkedIn who likely have high-level access to their company’s Facebook Business account. Those employees are tricked into downloading malware, which the hackers use to get into Facebook Business accounts. Victims may have managerial, digital marketing and HR titles. Employees need to be cautioned about clicking on attachments in LinkedIn messages. Facebook Business accounts should be watched for suspicious downloading activity.

Finally, the No More Ransom project just celebrated its sixth anniversary. It now has188 law enforcement and security company partners around the world. They have contributed 136 ransomware decryption tools covering 165 ransomware families. Infosec leaders preparing a playbook for a ransomware attack can go there for advice. It’s also a site to check for advice if you’ve been hit. If your IT department has the skills and knows which strain of ransomware you’ve been struck with you might try a decryptor. You may need the approval of the data recovery team, the outside incident response advisor and your cyber insurance company. The site is nomoreransom.org.

That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Sponsored By:

Cyber Security Today Podcast