Cyber Security Today, Friday Sept. 8, 2023 – Are boards and CISOs communicating, the latest ransomware data and more

Are boards and CISOs communicating, the latest ransomware data and more.

Welcome to Cyber Security Today. It’s Friday, September 8th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

 For the financial health of a company, a board and its chief information and security officer ought to be on the same page. When they are it’s a sign of good communication. But when they’re not …. I mention this because this week another one of those surveys popped up that makes me worry about communications. It was done by Proofpoint, which recently questioned 600 members of boards in 12 countries — including the U.S. and Canada — at organizations with more than 5,000 employees. Fifty-three per cent of board members felt their organization is unprepared to cope with a targeted cyber attack. However, in an earlier survey 61 per cent of CISOs felt their firm is unprepared for a targeted cyber attack. So judging by the respondents, more CISOs are worried than their boards about targeted cyber threats. Or maybe boards haven’t got the message how serious the threat is. But the numbers also make me wonder why do so many CISOs — over 60 per cent — think their company is unprepared? Or saying in a survey that you feel unprepared just a recognition of reality: That CISOs don’t know exactly what’s coming from threat actors? I’ve felt for some time that some of these ‘How do you feel?,’ surveys don’t answer important questions.

More first-half ransomware attack data is in. According to researchers at Arctic Wolf, its incident response team saw a 46 per cent increase in incidents in the first six months of the year. That echoes other reports that successful ransomware attacks are up. But note this: In an analysis of organizations listed by ransomware groups as victims, 82 per cent were small or medium businesses with fewer than 1,000 employees. Again this is evidence that ransomware groups are just as likely to go after a small company as they are a member of the Fortune 100. That’s another reason why small firms need to put more resources into cybersecurity. One more thing from this report: The most likely targets of ransomware gangs are English-speaking countries like the U.S., the U.K. and Canada.

Finally, a four-year old automated scam-as-a-service operation continues to expand, luring victims through fake ads on online marketplaces. That’s according to researchers at Group-IB. The campaign has been dubbed Classiscam, because it started on classified ad websites in 2019. Since then over 1,300 separate Classiscam groups have been created. Group-IB infiltrated the Telegram messaging channels of almost 400 of them. The researchers estimate those groups alone have earned US64.5 million. How? By creating fake ads — sometimes as buyers, sometimes as sellers — hoping potential victims will be fooled into buying goods or services. The crooks behind these automated scams impersonate classified sites, delivery services, hotel reservation sites, real estate rentals, retail, carpooling services and bank transfer platforms. The lesson is these firms have to work harder to find new fake domains, fraudulent advertising and phishing pages, the report says. Firms also have to watch underground forums for any indications their brand is being hijacked.

That’s it for now. But later today the Week in Review will be available. It features a conversation between IT World Canada CIO Jim Love and Adam Evans, chief information and security officer of Royal Bank of Canada.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.