We Save You Time and Resources By Curating Relevant Information and News About Cybersecurity.

best-cyber-security-news

Defending Against the Digital Threats

By Tom Seest

Can Cybersecurity Prevail?

At BestCybersecurityNews, we help entrepreneurs, solopreneurs, young learners, and seniors learn more about cybersecurity.

Cyber security is a fast-paced sector, as both hackers and security providers strive to outwit each other.
Though headline-grabbing breaches make headlines, smaller organizations are also becoming targets. This includes schools, local police departments and small government offices, according to RiskRecon’s report.

Can Cybersecurity Prevail?

Can Cybersecurity Prevail?

Will Your Company Be the Next Victim?

When it comes to cybersecurity, the supply chain is an essential element. It encompasses all cloud-based software and services a business uses for operations. If a security flaw in one of these components is discovered, an attacker could potentially leverage it to obtain sensitive data across the entire business.
The attack surface has grown with the growth of software development at scale, where businesses strive to launch new apps quickly in an effort to gain an advantage over their competition. While this approach has its advantages, it also leaves application vulnerabilities unresolved.
Hackers are increasingly taking control of sensitive data through breaches in software supply chains, especially because they can potentially hit multiple targets within a short period of time. As a result, cybercriminals have gained the upper hand when it comes to accessing sensitive information.
According to a 2021 report by CrowdStrike, 84% of IT decision-makers anticipate software supply chain attacks as one of their top threats over the next three years. This is because these attacks can impact multiple systems simultaneously and don’t necessitate highly skilled or resourced attackers for successful launch.
Furthermore, supply chain attacks can be subtle and hard to detect. They may spread across networks through compromised third-party apps or software with little user community support.
Additionally, attackers are capable of exploiting transitive vulnerabilities that a software component inherits from its dependencies. These attacks pose the greatest danger since they can affect a wide range of organizations and potentially affect thousands or millions of people.
These attacks are becoming increasingly frequent, and the threat is expected to grow exponentially by 2023. As a result, many organizations are altering their strategies for approaching cyber defense.

Will Your Company Be the Next Victim?

Will Your Company Be the Next Victim?

Will Your Data Be Held Hostage Next?

Ransomware, one of the fastest-growing forms of cybercrime, has been blamed for many recent high-profile cyberattacks that prompted the US government to take action. This type of attack utilizes malicious software to encrypt data and block access until the victim pays a ransom.
Though ransomware attacks have grown in frequency, they still only account for a tiny fraction of all attacks. According to research by Cisco Systems, only 23% of all observed attacks in 2021 were ransomware – an amount that has decreased steadily since 2020.
This decrease is partly due to greater public awareness about ransomware, but it also indicates that cybercriminals have adjusted their tactics in light of increased security pressures. Traditional ransomware techniques involve encrypting target data and charging victims a fee for decryption keys; however, in recent times they are using newer techniques such as double-extortion (where they demand another fee if you don’t pay the first) and Denial of Service attacks.
These changes have drastically altered the digital extortion industry. This shift is driven by several factors, such as remote work and ransomware-as-a-service (RaaS), which enables users to launch attacks without any cybersecurity expertise required.
Another factor contributing to the surge in ransomware attacks is cryptocurrency’s rise. Being less regulated and difficult to trace than other forms of payment, cryptocurrency offers hackers a lucrative target.
Finally, cybercriminals are diversifying the threat landscape by sharing victim data and expanding affiliate schemes. Doing so gives them access to a wider range of networks, giving them more opportunities for attacks.
In the end, finding a solution to this problem will take years of dedication. But the federal government can begin by taking three measures that provide vulnerable victims with incentives and tools for improved security: Congress should establish a tax relief program for small to medium-sized organizations that adopt security best practices; utilize the Work Opportunity Tax Credit to motivate companies to hire workers with cybersecurity capabilities; and increase transparency around this issue which could ultimately lead to improved policy outcomes.

Will Your Data Be Held Hostage Next?

Will Your Data Be Held Hostage Next?

How Vulnerable is the Healthcare Industry?

The healthcare sector is particularly vulnerable to cybersecurity breaches due to hospitals storing vast amounts of patient data that could potentially be sold quickly to hackers. Hospitals also become targets for ransomware attacks, which lock up their computer systems until they pay a ransom in order to retrieve their files.
Hospitals cannot continue providing patient care without access to patient records during a cyberattack. Furthermore, GDPR, the new privacy law, has made it necessary for healthcare providers to protect their patients’ data.
However, other underlying factors have contributed to an uptick in attacks against healthcare organizations. For instance, due to the massive digital transformation taking place within this sector and an escalation of networked devices due to pandemic-related changes and economic setbacks, they are now more vulnerable than ever before to cyberattacks.
These vulnerabilities are made even worse by a shortage of staff with cybersecurity skills to prevent and respond to attacks. According to BreachQuest’s survey, only 4-7% of an average healthcare provider’s annual IT budget is dedicated to cybersecurity.
A recent survey by Sophos indicates that the healthcare sector is witnessing an unprecedented spike in cyberattacks. The study revealed a 69% growth in successful cyberattacks last year, with healthcare being one of the sectors most affected by ransomware attacks.
According to Sophos’ report, one of the reasons for this increased attack rate is that many healthcare organizations have not prioritized security on their networks. Secure network devices help limit damage from attacks and are especially essential for healthcare organizations that store sensitive patient data online.
Another major reason for the surge in healthcare attacks is that many healthcare organizations have failed to implement strong multifactor authentication (MFA) and other cybersecurity measures necessary for effective cyber defense. These steps are vital as they prevent attackers from using credentials obtained from other sources – which is a common way of breaking into healthcare networks.

How Vulnerable is the Healthcare Industry?

How Vulnerable is the Healthcare Industry?

Will Foreign Powers Meddle in the Next Election?

Election interference is a danger that can erode the integrity of elections and referendums, erode public confidence in democracy, and hinder the functioning of democratic institutions.
In recent years, foreign state actors have reportedly used cyber-enabled foreign interference tactics to meddle in elections and other referendums around the world. From targeting media outlets and online social networks to political parties and campaigns, voter registration systems, or ballot counting technologies, they have attempted to manipulate public opinion, influence election outcomes, and undermine public trust in electoral processes.
As with all cybersecurity risks, there is an urgent need to implement robust and effective legal, technical, operational, policy, civil society and educational measures against potential interference. These should be informed by systemic analysis of case studies and lessons learned, which can then be used to build stronger resilience against future attacks.
Governments should establish counter-foreign-interference taskforces that bring together key policy, electoral, intelligence and law enforcement agencies to coordinate national efforts against this challenge. These task forces should regularly engage with industry and civil society representatives, conduct formal investigations into major electoral interference activities, and publish their findings promptly and transparently.
Governments should invest more in building the capacities of key local and regional civil society groups to detect and deter foreign interference. This should include data-driven investigative journalism and research institutes, as well as private sector development, to enable them to respond swiftly and effectively to potential attacks from foreign states.
Cybersecurity is becoming more of a global concern, and as such a number of countries are taking proactive measures to safeguard their elections from interference. Sweden in particular has taken an active approach in preparation for its upcoming September elections (starting at least one year ago) – part of an overall initiative to raise public awareness and better comprehend this threat.

Will Foreign Powers Meddle in the Next Election?

Will Foreign Powers Meddle in the Next Election?

Please share this post with your friends, family, or business associates who may encounter cybersecurity attacks.