CS Jan-Feb 2024

More documents

Recommendations

Info

ansomware Raja Patel - Sophos: cybersecurity defences need to be dynamic and foresightful. Ilia Kolochenko, ImmuniWeb: the risk of getting caught - despite several prominent operations by law enforcement agencies in 2023 - are still infinitesimal. enjoy the fruits of their crimes. In 2024, we will likely see even more victims of ransomware that is gradually dethroning other - less profitable and more risky - types of cyberattacks." INVERTING THE PRINCIPLE In a bizarre twist to the principle of behaving with all due probity in this murky world, it has recently emerged that the ALPHV/BlackCat ransomware operation (widely accredited as being the first ransomware group to create a public data leaks website on the open internet) has filed a US Securities and Exchange Commission complaint against one of its alleged victims for not complying with the four-day rule to disclose a cyber-attack. Kolochenko, also adjunct professor of Cybersecurity & Cyber Law at Capitol Technology University, comments: "Misuse of the new SEC rules to make additional pressure on publicly traded companies was foreseeable. Moreover, ransomware actors will likely start filing complaints with other US and EU regulatory agencies when the victims fail to disclose a breach within the timeframe provided by law." Having said that, not all security incidents are data breaches and not all data breaches are reportable data breaches, he points out. "Therefore, regulatory agencies and authorities should carefully scrutinise such reports and probably even establish a new rule to ignore reports uncorroborated with trustworthy evidence, otherwise, exaggerated or even completely false complaints will flood their systems with noise and paralyse their work." REVISION TIME Kolochenko also suggests that victims of data breaches should urgently consider revising their digital forensics and incident response (DFIR) strategies by inviting corporate jurists and external law firms specialised in cybersecurity to participate in the creation, testing, management and continuous improvement of their DFIR plan. "Many large organisations still have only technical people managing the entire process, eventually triggering such undesirable events as criminal prosecution of CISOs and a broad spectrum of legal ramifications for the entire organisation. Transparent, well-thought-out and timely response to a data breach can save millions." ENHANCED EXTORTION Thomas Barton, who is senior IR analyst at Integrity360, addresses the very same issue: "This shows that ransomware operations are beginning to reach a maturity level where the responsible threat actors are fully aware of regulations affecting their target sector and are able to use regulatory bodies to enhance the threat of extortion. This highlights the importance of engaging experienced legal and cybersecurity profess-ionals before, during and after an incident who can assist in navigating the complex challenges that such an attack can present." Finally, and according to a new report by MIT professor Stuart Madnick, there were more ransomware attacks reported during the first nine months of 2023 than in the whole of 2022. It points to a stark increase in cyberattacks, impacting as many as 360 million people up to and including August. One reason for the jump, according to Madnick, is that ransomware groups are becoming far more organised, operating as gangs and targeting organisations with critical user data, such as government and healthcare facilities. The other cause for the jump, he points out, is that cybercriminals are increasingly using secondary vendors to gain access to their main targets. "In today's interconnected world, virtually every organisation relies on a wide range of vendors and software. As a result, hackers only need to exploit vulnerabilities in third-party software or a vendor's system to gain access to the data stored by every organisation that relies on that vendor." 26 computing security Jan/Feb 2024 @CSMagAndAwards www.computingsecurity.co.uk
cloud security LIFE INSIDE THE CLOUDS TRADITIONAL CLOUD SECURITY IS FAILING THE MODERN ENTERPRISE, STATES ILLUMIO, AS IT RELEASES NEW GLOBAL RESEARCH FINDINGS New research just unveiled digs down into the current global state of cloud security, the impact of cloud breaches and "why traditional cloud security technologies fail to keep organisations secure in the cloud". The 'Cloud Security Index: Redefine Cloud Security with Zero Trust Segmentation' from Illumio is the result of a survey conducted by independent research firm Vanson Bourne. It canvassed the views of 1,600 IT and security decision makers across nine countries and found that "cloud risks are only getting worse, traditional cloud security tools are falling short and Zero Trust Segmentation (ZTS) is essential for the modern landscape", according to Illumio. Key findings in the research include: "Traditional cloud security is failing the modern enterprise: in the last year, nearly half of all data breaches (47%) originated in the cloud, and more than six in 10 respondents believe cloud security is lacking and poses a severe risk to their business operations." "Cloud breaches cost organisations millions each year: The average organisation that suffered a cloud breach last year lost nearly $4.1 million, and yet 26% are operating under the assumption that breaches are not inevitable, posing serious risks to the business and its customers." "Zero Trust Segmentation is critical for cloud resilience: 97% [of those responding] believe ZTS can greatly improve their organisation's cloud security strategy, because it improves digital trust (61%), ensures business continuity (59%), and bolsters cyber resilience (61%)." According to Illumio: "As organisations take their most sensitive data to the cloud, they face increased complexity and risk. 98% of organisations store their most sensitive data in the cloud, including financial information, business intelligence and customer or employee personally identifiable information (PII). Yet over 9 in 10 are concerned that unnecessary or unauthorised connectivity between cloud services increases their likelihood of a breach." According to the research findings, the main threats to organisations' cloud security are: workloads and data overlapping traditional boundaries (43%); a lack of understanding of the division of responsibility between cloud providers and vendors (41%); social engineering attacks (36%); a lack of visibility across multi-cloud deployments (32%); and rising malware and ransomware attacks (32%). Some 93% of IT and security decision makers believe that segmentation of critical assets is a necessary step to secure cloudbased projects. Additionally, organisations with dedicated microsegmentation technology were less likely to have suffered a cloud breach in the last year (35%) than those without it (43%). "Because cloud environments are dynamic and interconnected, they're increasingly challenging for security teams to navigate with legacy solutions," comments John Kindervag, chief evangelist at Illumio - pictured right. "Organisations need modern security approaches that offer them real-time visibility and containment by default to mitigate risk and optimise opportunities afforded by the cloud. I'm optimistic that nearly every security team is prioritising improving cloud security in the months ahead and that they see solutions like ZTS as an essential piece of their Zero Trust journey." www.computingsecurity.co.uk @CSMagAndAwards Jan/Feb 2024 computing security 27
Page 1: Computing Security Secure systems,
Page 4 and 5: Secure systems, secure data, secure
Page 6 and 7: news Bernard Montell. HORNETSECURIT
Page 8 and 9: news Sukru Ilker Birakoglu. SUPPORT
Page 10 and 11: 2024 predictions THROUGH THE ‘LUR
Page 12 and 13: 2024 predictions Aaron Kiemele, Jam
Page 14 and 15: training SAFEGUARDING HR IN THE AGE
Page 16 and 17: cybersecurity THE TOP-LEVEL FIBRE B
Page 18 and 19: artificial intelligence AI - WHERE
Page 20 and 21: artificial intelligence Gareth Lock
Page 22 and 23: phishing PHISHING FOR THE ANSWERS D
Page 24 and 25: ansomware WE SHALL NOT BE MOVED! SE
Page 28 and 29: attack… attack POINT OF IMPACT IN
Page 30 and 31: attack… attack Amit Sinha, DigiCe
Page 32 and 33: cybercrime STAYING ABOVE THE WATER
Page 34 and 35: cybercrime crisis is behind us, the
Page 36: Computing Security Secure systems,

CS Jan-Feb 2024

Create successful ePaper yourself

Delete template?

Save as template?