Cyber Defense eMagazine November 2020 Edition

More documents

Recommendations

Info

According to a study, the click rate for phishing attacks has increased from less than 5% to more than 40% for COVID-19 scams. This number was increased significantly by provoking fear and curiosity amongst individuals. Remote Work Vulnerabilities Work from home has now become the new standard; however, there is a rise in threats for several businesses. Around 95 percent of Cybersecurity professionals claim they face additional challenges, with new remote work demands and increased threats. The sudden change in circumstances has changed the way employees access business applications and increased the potential of future attacks. To steal sensitive information, hackers exploit several vulnerabilities in unsecured Wi-Fi and to take advantage of workplace disruption.To stay safe from such exploitation, you must download VPN to keep your sensitive information safe. With some workers forced to use personal devices for work tasks, the risk of malware finding its way on devices has also increased, resulting in personal and work-related information being compromised. These devices also lack the resources built into corporate networks, including custom firewalls, corporate antivirus software, and online backup resources. The use of personal computers offers hackers many chances to exploit. Some organizations are also urging their staff to turn off voice assistants and smart speakers like Apple HomePod, Amazon Echo, and Google Home devices to prevent fraudsters from listening to confidential conversations and conference calls. The Northeastern University study shows that smart speakers accidentally activate as many as 19 times a day, recording as much as 43 seconds of audio each time. The latest research also shows that 59 percent of smart speaker consumers have concerns about privacy, with front and center undesirable listening and data collection. Even in regular times, remote working can make people vulnerable to attacks. The current environment, however, has created the perfect storm where spammers, hackers, and scammers will thrive. Zscaler researchers say they have seen a 15% -20% increase in hacking incidents every month since January, and a rise in hacking threats using terms like "Covid-19" or "coronavirus." Video Conferencing and COVID-19 Just like any other technology, video conferencing is also at risk for the privacy and security of personal information if not appropriately handled. With organizations and individuals increasingly relying on video conferencing, hackers have been targeting the opportunity quickly. As a result, fraudsters and cybercriminals have managed to enter video conferencing calls as well as eavesdropping on private conversations, hijacked screen controls, and launched many malicious attacks. Security issues were posed earlier this year when a UK cabinet meeting's Zoom ID was posted in a social media post. Some of the cabinet ministers' usernames were also identified along with the ID, which allowed hackers to access the private meeting. Cyber Defense eMagazine – November 2020 Edition 40 Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
The Washington Post also revealed that thousands of Zoom meetings can be accessed online, including financial meetings, counseling sessions, school classes, and telehealth calls that exposed children's faces and other details. While most applications for video conferencing have controls that can be programmed to minimize these hazards, it also poses a variety of additional dangers, such as having sensitive data displayed in the background of the video or unintentionally displaying confidential information on the screen. With saying that, user education is essential for raising awareness about the risks of video conferencing and how to alleviate them. Combatting Business Email Compromise During a Crisis With the significant increase in coronavirus-related phishing attacks around the world, business email compromise attacks are now considered one of the biggest threats facing organizations. BEC attacks are expected to double each year to over $5 billion by 2023, according to Gartner, leading to major financial losses for companies by 2023. Though relatively easy to execute and low-tech, these sophisticated scams not only cause devastating financial losses but also affect organizational integrity, relationships, and the trust of stakeholders. A study took place in February, and according to that, BEC attacks increased by nearly 25 percent, ranging from fake invoices to CEO frauds and compromising employee email accounts. To further leverage Covid-19 fears, fraudsters have been cashing in by asking companies to contribute to bogus charities and invoicing for cleaning products and PPE. Fraudsters and hackers are continually changing their strategies to take advantage of new circumstances, and this pandemic is no exception. When cybercriminals increase their efforts, knowledge of these emerging threats and tactics becomes the most effective tool against them. Scammers will be swift to take advantage of any security lapses, and organizations should continue to empower and educate staff to remain vigilant. Cybersecurity is the responsibility of all, and creating a culture of cyber awareness with so many potential attack points is the key to improving security. About the Author Susan Alexandra is an independent contributing author at SecurityToday and Tripwire. She is a small business owner, traveler and investor in cryptocurrencies. Cyber Defense eMagazine – November 2020 Edition 41 Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: 4 Reasons Why Cyber Security Is Imp
Page 3 and 4: Takeaway from the SANS Institute At
Page 5 and 6: @MILIEFSKY From the Publisher… Ne
Page 7 and 8: Welcome to CDM’s November 2020 Is
Page 9 and 10: Cyber Defense eMagazine - November
Page 21 and 22: 4 Reasons Why Cyber Security Is Imp
Page 23 and 24: 2. Reassure Your Customers Your bus
Page 25 and 26: About the Author Gabe Nelson is a c
Page 27 and 28: to higher performance. So she set o
Page 29 and 30: In the Midst of the Pandemic, Cyber
Page 31 and 32: Senior leaders: Use ongoing educati
Page 33 and 34: About the Author Samantha Humphries
Page 35 and 36: That almost always triggers a bigge
Page 37 and 38: More importantly, there are those a
Page 39: Why Cybersecurity Awareness is More
Page 43 and 44: as far as hosting a “Name and Sha
Page 45 and 46: When these individuals need access,
Page 47 and 48: start of the pandemic. In the same
Page 49 and 50: About the Author Noah Johnson is Co
Page 51 and 52: a new and more serious threat for m
Page 53 and 54: Perfecting Your Cybersecurity Sales
Page 55 and 56: Do your homework For those with tru
Page 57 and 58: Though sales culture won’t change
Page 59 and 60: 2. Plan a Phased Migration When lea
Page 61 and 62: Has Your Data Been Leaked to the Da
Page 63 and 64: Rogue Insiders attempting to steal
Page 65 and 66: friendly way for organizations to m
Page 67 and 68: If the recent spate of attacks is a
Page 69 and 70: had an attack targeted at them befo
Page 71 and 72: Behind the Scenes of AppSec’s Mis
Page 73 and 74: Next Steps Where we go from here is
Page 75 and 76: Coupled with a wide variety of atta
Page 77 and 78: Zero Trust Model Is Meaningless Wit
Page 79 and 80: Solutions need to take a “decrypt
Page 81 and 82: Automated Pentesting - Ready to Rep
Page 83 and 84: page that you can use to pivot furt
Page 85 and 86: Not even Microsoft is fool proof Wh
Page 87 and 88: Emerging Technologies Create A New
Page 89 and 90: Beyond seamless, frictionless authe
Page 91 and 92:
Add a pandemic to fraud prevention
Page 93 and 94:
About the Author Robert Capps VP of
Page 95 and 96:
Security awareness training should
Page 97 and 98:
About the Author Jay Ryerse, CISSP,
Page 99 and 100:
IT Outsourcing firm has considerabl
Page 101 and 102:
ecognizing parts of your system mos
Page 103 and 104:
Server updates can be risky, which
Page 105 and 106:
Unlocking the Promise of Packet Cap
Page 107 and 108:
About the Author Kathryn Ash is the
Page 109 and 110:
DNS and DDoS attack vectors have em
Page 111 and 112:
NCSAM Provided an Opportunity to Re
Page 113 and 114:
leveraging IT resilience solutions
Page 115 and 116:
Many businesses struggle to set up,
Page 117 and 118:
data protection and privacy for use
Page 119 and 120:
Patched Minimizes Risk - But Opens
Page 121 and 122:
Further, DCs often receive patches
Page 123 and 124:
For Federal Agencies, Securing Inte
Page 125 and 126:
C2C allows the DoD to inspect every
Page 127 and 128:
The following are documented cybera
Page 129 and 130:
About the Author Ryan Benner is Vic
Page 131 and 132:
How Is Video Intercom Being Used in
Page 133 and 134:
Cyber Defense eMagazine - November
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Meet Our Publisher: Gary S. Miliefs
Page 143 and 144:
FREE MONTHLY CYBER DEFENSE EMAGAZIN
Page 145 and 146:
Nearly 9 Years in The Making… Tha
Page 147 and 148:
Page 149 and 150:
show all

Cyber Defense eMagazine November 2020 Edition

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?