Cyber Security Today, July 27, 2022 – Cyber attacks are increasing, the cost of a data breach is increasing and more

Share post:

Cyber attacks are increasing, the cost of a data breach is increasing and more. Welcome to Cyber Security Today. It’s Wednesday, July 27th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts
  If you think the pace of cyber attacks is increasing, you’re not wrong. According to Check Point Software, the average number of weekly attacks faced by organizations in the second quarter was up 32 per cent compared to the same period last year. In part that’s due to threat actors trying to take advantage early in the year of organizations that hadn’t patched the Log4j2 vulnerability, and partly due to the cyber war coming from the Russian invasion of Ukraine. Ransomware attacks are up 59 per cent compared to last year. Interestingly, organizations in Africa, Asia and Latin America face the most attacks. A North American firm faced an average of only 845 attacks in a week. The cost of a data breach continues to rise. That’s according to research by IBM and the Ponemon Institute. The 550 organizations studied around the world that suffered a breach in the 12-month period ending in March paid an average of US$4.35 million to mop up from the attack. That’s up 2.6 per cent from the previous year. The cost was higher for firms in critical infrastructure such as banks, utilities, government and healthcare. In Canada the average cost of the 25 organizations studied was US$5.4 million. Use of stolen or compromised credentials remains the most common cause of a data breach. Speaking of data breaches, phishing and software vulnerabilities remain the top two ways hackers defeat defences. According to new research from Palo Alto Networks, employees falling for phishing lures were the suspected start of 37 per cent of successful attacks. Thirty-one per cent of attacks started by exploiting software vulnerabilities. Brute forced or previously compromised credentials accounted for 15 per cent of initial access. Administrators of e-commerce sites using the open-source PrestaShop platform have been warned to update the application immediately to close serious vulnerabilities. Attackers can leverage a SQL injection vulnerability to inject a fake payment form into a website and scoop up payment card data entered by customers. A Pennsylvania-based convenience store chain will pay US$8 million to several states over a 2019 data breach. The chain, called Wawa, didn’t take reasonable security measures to prevent hackers from installing malware, the states alleged. Organizations that use Facebook’s Ads and Business platforms are being targeted by a threat actor for stealing corporate information. That’s according to researchers at WithSecure. It believes the hackers are targeting and phishing employees on LinkedIn who likely have high-level access to their company’s Facebook Business account. Those employees are tricked into downloading malware, which the hackers use to get into Facebook Business accounts. Victims may have managerial, digital marketing and HR titles. Employees need to be cautioned about clicking on attachments in LinkedIn messages. Facebook Business accounts should be watched for suspicious downloading activity. Finally, the No More Ransom project just celebrated its sixth anniversary. It now has188 law enforcement and security company partners around the world. They have contributed 136 ransomware decryption tools covering 165 ransomware families. Infosec leaders preparing a playbook for a ransomware attack can go there for advice. It’s also a site to check for advice if you’ve been hit. If your IT department has the skills and knows which strain of ransomware you’ve been struck with you might try a decryptor. You may need the approval of the data recovery team, the outside incident response advisor and your cyber insurance company. The site is nomoreransom.org. That’s it for now Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. The post Cyber Security Today, July 27, 2022 – Cyber attacks are increasing, the cost of a data breach is increasing and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

40 thousand routers compromised: Hashtag Trending for Wednesday, March 27th, 2024

A new cyberthreat is taking down home routers. Germany passes a law insisting on end to end encryption. Reports expose the craziness of tech hiring practices, the US government has had it with SQL injection attacks and Elon Musk gets a smackdown from a federal judge as we see more from the X files –

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Apple gets hammered by the EU again: Hashtag Trending for Tuesday, March 26, 2024

Apple gets hammered by the EU once again while there’s a threat in the US of breaking up the big tech giants. Google appears to have another problem AI implementation, Steve Wozniak is back as an unlikely critic of the TikTok ban, a new open source AI that runs on your computer an an Amazon

CIOs complain of “application sprawl” – Hashtag Trending, Monday March 25th, 2024

Apple may get an unexpected penalty from the US Governments new lawsuit, survey of CIOs complains of application sprawl but proposes that the way to get out of it is “more applications”, 1% of employees cause 89% of data loss events and information surfaces about some potentially enormous developments in AI in the coming months.

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways