Cyber security importance is on the rise, stay in the know with the latest trends, news topics and threats to help your business keep informed and on alert.
Industry Updates
Privacy Loss: How Businesses are Sharing User Data for Bigger Returns
There are two spectrums in loss of privacy that are faced in today’s internet age with the most awareness and discussion around the loss caused by negligence or malicious attack that hits users unknowingly. However another type of privacy loss is increasingly threatening users everywhere – and thanks to the recent headlines made by businesses like PayPal and Facebook who’ve come under scrutiny for their data “misuse”; the topic it is getting much needed attention.
With almost all internet services, users must accept terms and conditions – but that doesn’t always mean they read them. As users are growing more and more active across the internet and digital services, the issue arises where individuals are signing up for risk without even knowing it. In the month of March this was the case in the Facebook and PayPal controversies where data was discovered as being used and positioned to benefit outside parties.
Facebook: Recently making headlines in their tactics to gain data from users inadvertently, Facebook finds itself top of conversation in the fight against privacy loss. Prompted to download a quiz app, thisisyourdigitallife, Facebook users unknowingly consented to having their data scraped in areas such as user identity, friend networks and engagement. This data was then used to create profiling tools that target advertisements and other promotional tactics for outside companies; but that wasn’t all. Even more surprising was information discovered through Facebook’s terms of service which uncovers the apps on the platform are allowed access to not only the users’ data but also the data of their friends. As the level of attention brought upon the company continues, Facebook stands by its argument that users consented to this and no wrongful activity to access personal data was conducted.
PayPal: Online payment giant, PayPal just released its list of over 600 vendors with which they share the personal data of their users with. Among the type of industries these vendors operate in includes; financial products, payment processors, credit reference and fraud agencies as well as commercial partners in several other markets.
This data share allows the company and its vendors to utilize and leverage the information of thousands and thousands of users for gaining insights across demographics, purchasing patterns and interests along with other valuable consumer characteristics.
This type of privacy loss is common in companies that offer “free” services. The users are thus hooked in so their personal data provided can be accessed and shared in exchange for service use.
As more and more digital services are used, these cases of privacy loss will continue to arise and push not only companies to implement better transparency and communication when personal data distribution is a factor; but also put more responsibility on the users themselves to do their part in keep their data safe.
NEWS WORTHY
New Research Shows C-Level Employees Face the Highest Risk in Cyber Security Attacks
When a cyber criminal aims to attack, they often look to the highest level in the organization they can infiltrate.
A recent study conducted by the cyber security and anti-virus software company, Bitdefender, confirms this. Surveying 250 security specialists at enterprises with 500+ employees to highlight the largest risks and threats they see organizations facing; has helped shed light on the risk faced at the top. An overwhelming majority of 75 percent of infosec execs identifying management – from junior management to board-level management – as most likely to create data security loss within an organization, was revealed through the study. This argues against the mentality that lower-level employees are an enterprise’s biggest risk when it comes to internal threats.
Given the current global security landscape and the potential loss that has continued to impact enterprises and small businesses through devastating ransomware attacks – C-Suite individuals are faced with a growing risk aimed right at them.
Taking steps towards creating a protective cyber infrastructure that can stay ahead and ready to fight off threats in today’s ever-evolving digital space will be necessary in surviving threats such as the WannaCry and GoldenEye/NotPetya attacks that took down hundreds of organizations in the last 12 months.
As shared by the security specialists surveyed, implementing a balanced approach to data security such as the services offered by Infonaligy that encompass top IT solutions and security response teams, is key in effectively migrating threats.
Find out more on our enterprise-class solutions at
https://www.infonaligy.com/services/
LATEST THREATS
Microsoft Releases its Latest Security Intelligence Report
This 23rd edition of Microsoft’s biannual Security Intelligence Report just released late this month and brings focus to three key, interconnected themes impacting today’s cyber landscape.
Analyzing enterprise and consumer cloud services, and the billions of emails, authentications, and webpage scans Microsoft devices do each month; the report highlights important risks and threats botnets, hacker tactics, and ransomware are bringing to the forefront in the fight to stay secure.
Among the biggest threats reviewed by Microsoft in each area:
Taking Down Botnets:
- Automated bots that aim to distribute and infect devices with malware, Microsoft has teamed up again the botnet disruption since 2008. The most recent takedown came In November 2017 as the Gamarue botnet (also known as Andromeda) continued to distribute several prevalent forms of malware in its destructive path that began in 2011 and has since evolved through five versions of malware. Sold as a crime kit in the cyber underworld like many botnets, infected devices can allow privacy loss, access to secure networks and more attacks against sensitive and protected data.
- Managing a 30% decrease in Gamarue victims around the world since the takeover began, businesses must still be on guard as the organization reports 26 million infected devices remain connected to Gamarue in January and February of this year.
Hacker Tactics
- As security tools become more capable of preventing attacks, hackers behind the scenes are working towards alternative approaches – which often mean easier, cheaper methods. One of the most effective and practiced comes through threats that attempt to trick people. Using tactics such as phishing, cyber criminals engage users by impersonating services or tools they are familiar with to trigger them to take actions that will provide the hacker with sensitive data or network access.
- Phishing topped the charts for threats in the Microsoft Office 365 suite where 53% of the platform’s threats were caused by phishing in the second half of 2017. With the ability for an attacker to spam thousands of people within seconds, the threat is increasing as the report shares in its findings that nearly three-quarters of emails contain malicious links.
Ransomware
- Among the factors connecting cyber threats such as botnets and hacker tactics like phishing together – cyber criminals who use them are likely after ransom. As shared in Microsoft’s intelligence report, ransomware was everywhere in 2017, impacting businesses on a global scale. Starting the year off with hacks like WannaCry, Petya/NotPetya and BadRabbit; the takedown of businesses grew and became a potential reality for companies everywhere as the year ended with some of the highest losses seen to date.
- Initially after the collection of sensitive business data, the goal of these widespread attacks are often to use this information against the victim companies in an attempt to blackmail them for ransom money. Although not always the end goal as seen with attacks such as Petya/NotPetya that aimed to disrupt the government, there will always be cyber threats to businesses where money is the focus.
Whether looking at botnets, phishing or ransomware, the risks faced to businesses is growing across the board. Like with the increased efforts and resources put forth by Microsoft to stay ahead of the threats, all organizations must equip themselves to stay protected.
Learn more about our managed security services and how to best protect your organization at infonaligy.com
Stay in the know with the monthly updates and up to the minute critical threat vulnerabilities by signing up for our newsletter.
