Restaurant chain Chili's is the latest retailer to report a data breach involving point of sale (PoS) security.
Brinker International, which operates over 1,600 Chili's restaurants globally, announced the data breach on May 12, after becoming aware of the security incident the day before. The company did not reveal how many customers have been impacted by the breach, though it did state that payment card information was stolen over a two-month period.
A data breach at a customer services provider with a name that looks like a misprint, 7.ai, may have exposed the data of thousands of Sears department store and Delta Air Lines customers last fall, the companies disclosed this week.
Cyber-security executives and business decision makers question whether phishing emails or ransomware attacks are the most potent threats faced, but are businesses equipped to implement all-round risk mitigation strategies?
In today’s market, no growing business can isolate itself from online communications and commerce. Yet avoiding the internet entirely is the only way to guarantee your company will not be exposed to cyber threats. Once a business is online it will always be exposed to some residual risk it cannot feasibly address in a disaster recovery plan, business continuity plan, or through an information security technology solution.
A spokesman says Atlanta's airport has taken down its Wi-Fi network and disabled parts of its website "out of an abundance of caution" following a ransomware cyberattack on the city's computer network.
Orbitz, a subsidiary of online travel agency Expedia said on Tuesday that hackers may have accessed personal information from about 880,000 payment cards.
Business interruption (BI) and cyber incidents interlink as the major threat for companies globally in 2018, according to the insight of 1,911 risk experts from 80 countries in the Allianz Risk Barometer 2018. However, for marine and shipping companies, natural catastrophes (34 percent), including storm, floods and earthquakes, takes the top spot – up from number four in 2017. BI tied with cyber incidents (31 percent), for the second spot followed by theft/fraud/corruption (27 percent) and fire/explosion (25 percent) to round out the top five business risks in the maritime sector for 2018. These incidents illustrate the complex nature of insurance risks as most are closely intertwined in complex loss cases.
Financial institutions, government agencies and key industrial sectors of the economy in the country should prepare for a massive exploration of Cyber crimes as 2018 unfolds.
According to the director of Cloud strategy at giant technology firm Microsoft Rudiger Dorn, the year is likely to see an increase in phishing- where hackers obtain account details of employees or individuals through credit cards and banking details to commit a Cyber crime.
Germany’s government was marshaling its defenses on Thursday against a powerful cyber attack that lawmakers said had breached the foreign ministry’s computer network and whose origins officials admitted were still unclear.
Government departments should be more worried about teenage bedroom hackers than state-sponsored cyber terrorists, the Information Commissioner has warned.
The recently released Allianz Risk Barometer ranked the top business risks for 2018, based on the views of more than 1,900 risk management experts globally. Here, we look at the top three identified business risk for Australia and discuss how they can be effectively managed.
NEW YORK — How to deal with a potential cyber attack is top of mind for most company directors, but preparing them for this crisis is particularly difficult, says an expert.
Cyber attacks and data breaches in businesses have almost doubled globally in 2017 compared to the previous year, jumping up to a record high of 159,700, according to the latest report from The Online Trust Alliance.
Many businesses today have an online presence, involving assets such as company websites, blogs and social media accounts. However, these companies are also vulnerable to hackers looking to find valuable data, such as Social Security numbers and customer names, addresses and phone numbers.
(Reuters) — Britain's information regulator said on Wednesday it had fined Carphone Warehouse £400,000 ($539,400) after a 2015 cyber attack exposed the personal data of more than 3 million customers.http://www.businessinsurance.com/article/20180110/NEWS06/912318425/Britain-fines-Carphone-Warehouse-over-data-breach
Reuters) — Security researchers on Wednesday disclosed a set of security flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel Corp., Advanced Micro Devices Inc. and ARM Holdings.http://www.businessinsurance.com/article/20180104/NEWS06/912318282/Intel-ARM-Advanced-Micro-Devices-chip-security-flaws-phones-computers-risk
While major breaches where millions of records are compromised tend to dominate the news, a much more dangerous and insidious threat goes largely unnoticed — that of the insider. https://hbr.org/2017/12/the-most-common-ways-you-could-get-tricked-into-compromising-company-data?utm_campaign=hbr&utm_source=linkedin&utm_medium=social
It is a scary time to do business. Phishing, hacking, identity theft, ransomware, payment fraud: the list of ways that cyber criminals are attacking individuals, companies and governments seems endless.https://www.entrepreneur.com/article/303563
(Reuters) — SWIFT, the global messaging system used to move trillions of dollars each day, warned banks on Wednesday that the threat of digital heists is on the rise as hackers use increasingly sophisticated tools and techniques to launch new attacks.http://www.businessinsurance.com/article/20171129/NEWS06/912317516/SWIFT-warns-banks-over-cyber-heists-as-hack-sophistication-grows
(Reuters) — Struggling ride-hailing firm Uber Technologies Inc. faces a fresh regulatory crackdown after disclosing it paid hackers $100,000 to keep secret a massive breach last year that exposed personal data from around 57 million accounts.http://www.businessinsurance.com/article/20171122/NEWS06/912317418/Uber-faces-scrutiny-from-regulators-in-US-UK-over-breach-of-57-million-accounts
A total of 57% of small and medium enterprises do not have cyber insurance, while 63% have experienced some form of cyber incident, says a survey issued Monday by Argo Group International Holdings Ltd.http://www.businessinsurance.com/article/20171120/NEWS06/912317358/Small-and-medium-enterprises-forgoing-cyber-coverage-Argo-survey
Do you think your small business is at risk of being hacked? An overwhelming 87% of small business owners don’t think so. But, your business might be at risk more than you realize. About half of small businesses experience a cyber attack.https://www.forbes.com/sites/mikekappel/2017/11/08/5-ways-to-improve-your-small-business-cybersecurity/#22d3f7241f6f
(Reuters) — The Trump administration on Wednesday publicly released its rules for deciding whether to disclose cyber security flaws or keep them secret in an effort to bring more transparency to a process that has long been cloaked in mystery.http://www.businessinsurance.com/article/20171115/NEWS06/912317279/Trump-administration-releases-rules-on-disclosing-cyber-flaws
(Reuters) — Up to 180 million smartphone owners are at risk of having some of their text messages and calls intercepted by hackers because of a simple coding error in at least 685 mobile apps, cyber security firm Appthority Inc. warned Thursday.http://www.businessinsurance.com/article/20171109/NEWS06/912317174/Mobile-app-errors-expose-data-180-million-phones-Appthority-security-firm?utm_campaign=BI20171109BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign
According to the 2017 Cost of Cyber Crime Study from Accenture and the Ponemon Institute, the average cost of cybercrime globally climbed to $11.7 million per organization this year, a 23% increase from $9.5 million in 2016.http://www.rmmagazine.com/2017/11/01/cybercrime-costs-businesses-11-7-million-per-year/
ATLANTA — Cyber coverage continues to evolve as the focus on types of perils changes, according to a panel of insurance industry experts speaking Thursday morning at the 30th annual Professional Liability Underwriters Society Conference in Atlanta.http://www.businessinsurance.com/article/20171102/NEWS06/912316989/Cyber-coverage-focuses-on-business-interruption-as-triggers-evolve-PLUS-conferen
Unfortunately, small businesses are sorely mistaken about their attraction to cyber attackers. A recent study (Ponemon Institute 2016 State of SMB Cybersecurity) found that in the last 12 months, hackers have breached half of all small businesses in the U.S.http://detroit.cbslocal.com/2017/10/24/small-businesses-risk-cybersecurity-attacks/
3D printing is on the verge of mainstream adoption, which will mean a fundamental shift in manufacturing. The driving force is not improvements to the technology, although those are also important, but rather a transformation in the industry’s business model.https://hbr.org/2017/10/3d-printing-gives-hackers-entirely-new-ways-to-wreak-havoc?utm_campaign=hbr&utm_source=linkedin&utm_medium=social
(Reuters) — The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.http://www.businessinsurance.com/article/20171023/NEWS06/912316709/US-warns-public-about-attacks-on-energy,-industrial-firms
The House Oct. 11 passed a bill that would provide cybersecurity guidance to the nation’s millions of small businesses, which are frequent targets of cyberattacks.https://www.bna.com/cybersecurity-bill-help-n73014470758/
Yahoo’s been through it. So has the Democratic National Committee. More recently, it was Equifax. But it’s not just large businesses and organizations that are targeted by hackers. In fact, 1 in 5 small businesses has been targeted by a cyberattack, according to a study published Thursday by the Better Business Bureau.http://www.chicagotribune.com/business/ct-biz-better-business-bureau-small-business-cybersecurity-report-20171012-story.html
NEW YORK — The growing business role of the internet, the mounting exposures this brings and ways to manage and mitigate these new threats topped the agenda at a meeting of cyber experts which coincided with the start of National Cyber Security Awareness Month.http://www.businessinsurance.com/article/20171010/NEWS06/912316402/Cyber-awareness-campaign-aims-to-highlight-growing-exposures?utm_campaign=BI20171010BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign
Today Yahoo sent out a notice disclosing that a further investigation of the 2013 breach has produced new evidence. The company now believes that all of its three billion accounts were impacted, not 1 billion as it previously thought.https://techcrunch.com/2017/10/03/yahoo-says-all-3b-accounts-were-impacted-by-2013-breach-not-1b-as-thought/
(Reuters) — Property Claim Services (PCS), a Verisk Analytics company, estimated an insured loss of $125 million from a massive data breach disclosed last month by Equifax Inc., that has plunged the credit-monitoring company into crisis.http://www.businessinsurance.com/article/20171002/NEWS06/912316241/Equifax-data-breach-to-cost-insurers-$125-million-Lloyds-Beazley?utm_campaign=BI20171002BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign
(Reuters) — Amazon.com Inc.'s Whole Foods Market on Thursday said payment card information has been stolen from taprooms, restaurants and other venues located within some of its stores.http://www.businessinsurance.com/article/00010101/NEWS06/912316193/Whole-Foods-says-taprooms,-restaurants-hacked
Small business owners say they're worried the Equifax hack could hurt both their personal finances and their businesses.http://money.cnn.com/2017/09/28/pf/equifax-small-business-lawsuit/index.html
WASHINGTON (CN) – Worldwide disruption from a cyberattack on pharmaceutical giant Merck this summer has led Congress to request a formal briefing with the company’s CEO and Health and Human Services Secretary Tom Price.https://www.courthousenews.com/congress-asks-merck-information-cyberattack/
One of the world’s “big four” accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients, the Guardian can reveal.https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails
The Securities and Exchange Commission, the country’s top Wall Street regulator, announced Wednesday that hackers breached its system for storing documents filed by publicly traded companies last year, potentially accessing data that allowed the intruders to make an illegal profit.https://www.washingtonpost.com/news/business/wp/2017/09/20/sec-reveals-it-was-hacked-information-may-have-been-used-for-illegal-stock-trades/?utm_term=.9a675f5cd94a
What is the number one root cause behind data breaches across North America for small businesses? If you said negligent employees, you would be right.
Although the details surrounding how hackers infiltrated Equifax remain vague, to many it comes as no surprise that the credit reporting firm was hacked.http://www.insurancebusinessmag.com/us/news/cyber/why-the-equifax-hack-was-not-a-surprise-79433.aspx
We are happy to announce a new partnership with CyberScoutTM, a leading provider of identity and data breach defense services, for our Allied Reinsurance Company (ARC) program, which reduces the risks related to cyber crime for our clients. Captive carriers accounted for about half of the personal lines market in 2016 and according to a 2016 survey by the Captive Insurance Companies Association (CICA), cyber risk is the number one emerging risk cited by captive insurance company owners and the number one non-traditional risk.http://mailchi.mp/b4be79c8df73/new-partnership-with-cyberscout?e=0f58a45b50
The pain has only just begun for Equifax. Last Thursday, the giant credit bureau disclosed that hackers stole personal information for 143 million of its customers, presumably mostly Americans, but also Canadians and Europeans.http://cyberscout.com/education/blog/cyber-security-experts-outline-equifax-ripple-effect
After years of stealing data for fraud and corporate espionage, hackers increasingly are trying a new way to profit from their digital break-ins: extortion.http://www.foxbusiness.com/features/2017/09/13/hackers-latest-weapon-cyber-extortion.html
The potential for invasion of privacy when using drones remains the top concern for a majority of risk managers, according to a Munich Reinsurance America Inc. survey released Wednesday.http://www.businessinsurance.com/article/20170906/NEWS06/912315677/Drone-privacy-issues-concern-risk-managers-Munich-Re-America-report
A report recently released by the Institute for Critical Infrastructure Technology pointed out that most cybersecurity incidents (both intentional and accidental) are the result of some action by insiders.http://www.techrepublic.com/article/10-tips-for-reducing-insider-security-threats/
Equifax is one of the largest credit reporting agencies in America, which makes an announcement the company just issued particularly disconcerting. https://www.forbes.com/sites/leemathews/2017/09/07/equifax-data-breach-impacts-143-million-americans/#dfc6aa4356f8
Could your business recover from an abrupt loss of $256,000? Because that’s how much a single cybersecurity hack could cost a small business, according to a recent analysis in Tech Republic.https://www.entrepreneur.com/article/298889
A trailer is not a warehouse covered by an insurance policy, says a federal appeals court in upholding a ruling in favor of Starr Indemnity & Liability Co. in a coverage dispute with a computer wholesaler over a theft.http://www.businessinsurance.com/article/20170905/NEWS06/912315645/A-trailer-is-not-a-warehouse,-says-court-on-Starr-policy?utm_campaign=BI20170905BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign
(Reuters) - A U.S. judge said Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches.https://www.reuters.com/article/us-verizon-yahoo-breach/yahoo-must-face-litigation-by-data-breach-victims-u-s-judge-idUSKCN1BB25Q
Hiscox, the international specialist insurer, today released the 2017 Hiscox Embezzlement Study™, an examination of employee theft in the US. The findings reveal that US businesses impacted by employee theft lost an average of $1.13 million last year. Small and mid-sized companies (fewer than 500 employees) continue to be disproportionally victimized by employee theft, representing approximately 68 percent of cases.https://globenewswire.com/news-release/2017/08/23/1091456/0/en/Employee-theft-cost-US-businesses-an-average-of-1-13-million-in-losses-according-to-2017-Hiscox-Embezzlement-Study.html
With the number of security breaches we’ve seen in recent years, it’s a good idea to check your bank transaction record frequently as you can’t be certain whether someone out there is holding your credit card number.https://ivn.us/2017/08/22/risks-cyber-attack-health-care-industry/
WASHINGTON--(BUSINESS WIRE)--Crowd Research Partners today released its 2017 Threat Monitoring, Detection and Response Report, revealing that companies are losing ground against rising cybersecurity threats. http://www.businesswire.com/news/home/20170815005234/en/New-Cybersecurity-Study-Reveals-Companies-Losing-Ground
In a case that is on remand from the U.S. Supreme Court, an appellate panel has ruled that a plaintiff in a Fair Credit Reporting Act case has alleged a concrete injury from an inaccurate consumer report and can proceed with his case.http://www.businessinsurance.com/article/20170816/NEWS06/912315221/Fair-Credit-Reporting-Act-case-against-Spokeo-can-proceed
Large corporations spend hundreds of thousands, often millions, of dollars on cybersecurity, but when it comes to small businesses, many owners aren't spending enough.https://www.cnbc.com/2017/07/25/14-million-us-businesses-are-at-risk-of-a-hacker-threat.html
Cyber theft is the fastest-growing crime in the U.S., and cost the global economy more than $450 billion in 2016, with more than 2 billion person records stolen.https://www.cnbc.com/2017/07/25/stay-protected-from-the-uss-fastest-growing-crime-cyber-attacks.html
The U.S. Democratic Party. Disney. Netflix. Britain’s National Health Service.
These are just a few of the companies to make headlines recently for having been the victims of major cyber security attacks. https://www.utahbusiness.com/best-defense-cyber-security-small-businesses-entrepreneurs/
The digital world is expanding at such a rapid pace that we are required to not only increase resources, but also become more agile in addressing potential dangers for our organizations – even those not in the financial industry.https://risk-management.cioreview.com/cxoinsight/as-technology-industry-evolves-erm-takes-active-role-in-planning-nid-24809-cid-141.html
A federal appeals court has reinstated a putative class action lawsuit filed by health insurer CareFirst Inc. customers in connection with a 2014 data breach, holding their potential risk of injury from the breach is “substantial.”http://www.businessinsurance.com/article/20170801/NEWS06/912314862/Data-breach-class-action-against-health-insurer-CareFirst-reinstated
Law360, Los Angeles (August 2, 2017, 10:17 PM EDT) -- A Michigan federal judge ruled Tuesday that Travelers doesn't have to cover a tool manufacturer's losses from an email-based theft scheme, giving insurers more ammunition to argue that computer fraud insurance doesn't apply to multistep scams and deepening a divide among the nation's courts on the scope of such policies.https://www.law360.com/insurance/articles/950528/travelers-win-deepens-divide-over-computer-fraud-coverage?nl_pk=d0a96663-dfd2-44eb-80db-7e18d6ac47b9&utm_source=newsletter&utm_medium=email&utm_campaign=insurance
HBO confirmed on Monday that the network had been the target of a cyberattack, as an anonymous hacker boasted about leaking full episodes of upcoming shows along with written material from next week’s episode of “Game of Thrones.”https://www.nytimes.com/2017/07/31/business/media/hbo-hack-game-of-thrones.html
In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor.http://www.npr.org/sections/health-shots/2017/07/26/539290596/hospitals-face-growing-cybersecurity-threats
In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor. http://www.npr.org/sections/health-shots/2017/07/26/539290596/hospitals-face-growing-cybersecurity-threats
In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor. http://www.npr.org/sections/health-shots/2017/07/26/539290596/hospitals-face-growing-cybersecurity-threats
The digitization of information has enhanced delivery of care, but it has also made data more vulnerable to attack.http://www.nhbr.com/July-21-2017/Healthcare-cybersecurity-is-due-for-a-checkup/
If the recent cyber attacks have taught us anything, it is that most people are dangerously unprepared for them. https://thenextweb.com/contributors/2017/07/20/5-lessons-small-business-learn-recent-cyber-attacks/#.tnw_1ilyC3g0
(Reuters) - Package delivery company FedEx Corp (FDX.N) said a disruption in services in its TNT Express unit following a cyber attack last month would hurt its full-year results.https://www.reuters.com/article/us-cyber-attack-fedex-idUSKBN1A21D7
Federal HIPAA penalties have lurked in the wings for years, but now accused operators have state attorneys' general and plaintiff's attorneys to worry about.http://www.mcknights.com/news/hipaa-breaches-bringing-heavy-implications-class-action-lawsuit-threats/article/671950/
The WannaCry worm is still alive. Honda said this week that it was forced to halt production for one day at its Sayama plant near Tokyo after finding the WannaCry ransomware in its computer network. https://www.forbes.com/sites/peterlyon/2017/06/22/cyber-attack-at-honda-stops-production-after-wannacry-worm-strikes/#6fc68b195e2b
A drive-by malvertising attack known as AdGholas will infect victim machines with the Mole ransomware, without any action taken on behalf of the user. http://www.techrepublic.com/article/simply-viewing-this-malicious-ad-will-infect-your-computer-with-ransomware/
The recent “WannaCry” cyberattack affected hundreds of thousands of computers around the world. The attack targeted organizations of every type, including hospitals, government agencies, and corporations, freezing computers and locking out users until they paid a “ransom” to release their data. http://www.cobizmag.com/Trends/Ransomware-is-on-the-rise-What-is-it-and-how-to-protect-your-company/
South Bend-based Beacon Health System is notifying about 1,200 patients that a former employee accessed patient records without proper authorization. The health system says it is unaware of any "actual or attempted misuse of patient information," which included Social Security numbers and possibly financial and health insurance information. http://www.insideindianabusiness.com/story/35546341/beacon-details-unauthorized-access-of-patient-records
After completing a probe with cybersecurity firms and law enforcement, Chipotle (CMG) now believes that customers at stores across 48 states could have been affected by a hack on the company's payment systems between March 24 and April 19. In some cases, the stolen data contained the customer's name in addition to their card number, expiration date and verification number. https://www.thestreet.com/story/14153756/1/chipotle-admits-cyber-attack-affected-most-u-s-stores.html
The WannaCry attack has been identified as the biggest ransomware outbreak in history. This is a cyber pandemic caused by a ransomware weapon of mass destruction. http://www.thespectrum.com/story/life/features/mesquite/2017/05/28/ready-new-ransomware-attacks/351212001/
Ransomware is a growth industry – and it's growing because it works. Attacks by hackers that lock up data unless a ransom is paid shot up an unbelievable 6000% worldwide in 2016 over the previous year. According to the FBI, hackers “earned” over a billion dollars in ransomware attacks in 2016, some five times over the amount they netted in 2015. https://www.infosecurity-magazine.com/opinions/small-business-prepare-ransomware/
Ransomware is one of the most successful and profitable weapons in the cyber criminal's armory, partly because it leverages an old-fashioned crime in a new digital format. https://betanews.com/2017/05/09/ransomware-remains-profitable/
The recent growth in the cyber insurance market is already improving cybersecurity in some industry segments, and has the potential to do more -- if the industry is able to address its data problem. http://www.csoonline.com/article/3193101/security/how-the-insurance-industry-could-change-the-game-for-security.html
Cybercriminals had a very good year in 2016 — and we all paid the price.
These digital bandits became more ambitious and more creative and that resulted in a year marked by "extraordinary attacks," according to the 2017 Internet Security Threat Report from Symantec. "Cyber crime hit the big time in 2016, with higher-profile victims and bigger-than-ever financial rewards," the report concluded. http://www.nbcnews.com/tech/tech-news/cybercriminals-breached-over-billion-accounts-last-year-n753131
Increased propriety research, prototypes, and amounts of confidential personal data have all helped fuel cyberespionage attacks, such as phishing attacks, according to a recent Verizon report. http://healthitsecurity.com/news/verizon-finds-phishing-attacks-malware-top-data-breach-causes
As we move beyond the widespread acceptance and use of online banking and trading platforms and push further into an increasingly digital financial marketplace, consumers face new forms of risk—namely, cyber risk—that would have been unfathomable previously. When confronted with risks that could be financially devastating, consumers are driven to mitigate and insure against such perils. Has the time come to purchase insurance for financial cyber risks?http://origin-nyi.thehill.com/blogs/pundits-blog/technology/330464-can-cybersecurity-insurance-protect-consumers-from-attacks
Instances in which Iowans’ identity was stolen jumped a whopping 30 percent, from a rate of 56 people for every 100,000 Iowans in 2014 to 73 just a year later, in 2015.
Most of the thefts happened via the internet. The growth in Iowa mirrors what is happening nationwide. Thefts via the digital world are on the rise as the crime evolves with technology. Yet, many people making legitimate purchases online still have a false sense of security about their private financial information. http://iowawatch.org/2017/04/26/unsuspecting-iowans-fall-into-cyberattack-web/
Hackers are demanding increasingly hefty ransoms to free computers paralyzed with viruses, as cyber criminals seek to maximize profits from large numbers of victims willing to pay up, according to cyber security firm Symantec Corp. http://www.businessinsurance.com/article/20170426/NEWS06/912313099/Cyber-extortion-ransomware-demands-surge-victims-keep-paying-Symantec?utm_campaign=BI20170426BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign
The cost of downtime due to lack of access to systems for customers and employees was the biggest business impact of a ransomware attack according to 59 percent of respondents to a new survey.
A newly discovered variant of the Android ransomware PornDroid eludes all antivirus programs by waiting four hours before executing its malicious activity as well as by employing heavy amounts of obfuscation.
Ransomware, identified by the U.S. Department of Justice as the “biggest cyberthreat” of 2017, isn’t just a problem for big businesses like hospitals or banks. Cyberthieves are increasingly targeting the malicious software, which locks all files on a targeted computer or network until the owner pays up, at smaller and arguably more vulnerable organizations.
Why ransomware increasingly targets the little guys
Almost 40% of computers in industrial applications were subjected to cyber-attacks in the second half of 2016, according to new research from Kaspersky Lab ICS Cert. It also reveals that the percentage of industrial computers (IPCs) under attack rose from more than 17% in July 2016 to more than 24% by December 2016. The top three sources of infection were the Internet, removable storage devices, and malicious e-mail attachments and scripts embedded in the body of e-mails. http://drivesncontrols.com/news/fullstory.php/aid/5386
You might think your smartphone or laptop is relatively safe from cyber attacks thanks to anti-virus and encryption software. But your devices are increasingly at risk from “side-channel” attacks, where an intruder can bypass traditional network entry points and use another way to compromise the device. http://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716
When hackers associated with North Korea tried to break into Polish banks late last year they left a trail of information about their apparent intentions to steal money from more than 100 organizations around the world, according to security researchers. https://www.nytimes.com/2017/03/25/technology/north-korea-hackers-global-banks.html?_r=1
Data breaches have resulted in hundreds of millions of data records being illegally accessed. Home Depot, Target, Michael’s, TJ Maxx, Snapchat, Facebook, Twitter, Sony, Kmart, Apple’s iCloud, First Commonwealth Bank, and P.F. Chang’s are just a few of the companies that have reported a major data breach. The Russian hacking of the Democratic National Committee during the 2016 Presidential campaign may have impacted the election. Similarly, DDos (Denial of Service) attacks have targeted banks and other financial service providers. http://www.lexology.com/library/detail.aspx?g=938c0783-bc64-407c-acc9-bcf92bb0eeff
There's a new cyber threat on the horizon. And it's fiendishly subtle and potentially very dangerous. Fake data - altering databases and documents without anyone noticing. http://www.bbc.com/news/business-38254362
Security experts say how individual companies choose to save their data in anticipation of an outage depends on how long they can survive before the “lights” are turned back on. What level of availability does your company need? Is the face of your company an ecommerce site where even a few minutes offline can cost an astronomical sum? Will the cost of an active-active system outweigh the potential loss of business from an outage? http://www.csoonline.com/article/3178392/disaster-recovery/disaster-recovery-how-is-your-business-set-up-to-survive-an-outage.html
It is interesting to note the portions of the WikiLeaks Vault 7 dump that have elicited the most visceral response. Many pundits and analysts have divided their rage between targets like Julian Assange (the traitor), the leaking NSA/CIA employee (deep drip), and the NSA itself (Big Bro) for spying on U.S. citizens. But nowhere have I heard a word in the mainstream media about mis-attribution or Russian hacks. https://www.lifezette.com/polizette/u-s-intelligence-hamstrings-private-sector-security/
On Friday, a blog at Check Point Software Technologies’ website said that its engineers had found severe infections on 36 Android devices belonging to two unnamed telecommunication and multinational companies. The post pointed out that this is not unusual, but that the striking element is that the infections came preinstalled on the devices. http://www.itbusinessedge.com/blogs/data-and-telecom/the-android-supply-chain-is-not-secure.html
Data breaches have been occurring more frequently, and it is not just happening at large big-box retailers. In fact, most cybersecurity attacks target businesses with less than 250 employees because their security may be more vulnerable. So no matter the size of your business, it is important to manage the risks related to a data breach and reduce the significant costs that can result from one. Now might be the time to explore how cyber security insurance may protect your business. http://www.bizjournals.com/buffalo/news/2017/03/09/why-your-business-needs-cybersecurity-insurance.html
CNN reports that a ransomware attack has locked the computer network of the Pennsylvania Democratic Caucus. This is what we call a teachable moment. http://www.workforce.com/2017/03/06/lessons-ransomware-attack/
Japanese anti-virus developer Trend Micro’s annual cybersecurity report, released on Sunday, revealed a 752 per cent increase in ransomware, the software used by hackers to block data and then demand money to return it. http://gulfnews.com/business/sectors/technology/microsoft-describes-ransomware-as-scary-1.1988674
Today, we are just beginning to understand the seriousness of an emerging threat to the grid's cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy.http://www.dailymail.co.uk/sciencetech/article-4264862/US-power-grid-hacked-needs-better-cybersecurity.html
Insurers need to rethink their approach to cyber insurance if they are to break a “vicious circle” that is holding back the market, according to a report.https://www.ft.com/content/7a0b1120-f921-11e6-9516-2d969e0d3b65
Investigative reporter Brian Krebs has uncovered a software vendor which has attempted to downplay a major breach of its systems in a “supply-chain attack”.https://www.scmagazineuk.com/vendor-hiding-supply-chain-cyber-attack-gets-uncovered-by-krebs/article/639508/
With health care data fetching significant profits both in underground data sales and ransomware, the industry is an inviting target, but network scans indicate organizations remain vulnerable.http://www.eweek.com/security/health-care-services-remain-inviting-cyber-attack-targets-report.html
The concept is relatively simple; criminals send a bogus e-mail to an employee with an enclosed attachment. The employee opens it up, and this encrypts the data on the system. The victim is then asked to pay a ransom to receive the decryption key. https://www.scmagazineuk.com/ransomware-could-dentists-and-gps-be-the-next-victims/article/637938/
Some cyberattacks make it to the front pages of mainstream publications. We’ve read about the breach at Target of 40 million payment cards, and the cyberattack on Yahoo that compromised data from more than 1 billion user accounts. All these highly publicized cyberattacks have one thing in common: they involve customer data. http://www.forbes.com/sites/forbesinsights/2017/02/14/the-cyberattacks-we-dont-hear-about-but-should/#4c03773757c1
Researchers have issued a warning that hackers are resorting to the use of file-less malware programs to gain stealth access to the systems of organizations. This new form of attack is not only severe regarding its consequences but also represents a new threat, given its growing level of popularity. Here are details about this new form of stealth malware that you need to know. https://www.hackread.com/the-rise-of-file-less-malware-attacks/
Malicious viruses, like Stuxnet, explicitly target critical systems that control pumps, motors, valves and programmable logic controllers,” Deloitte warned in its ninth annual mining report. http://www.canadianunderwriter.ca/insurance/hacking-driverless-cars-concern-mining-industry-deloitte-1004108778/
A former teacher in Wayne County was arrested after a computer network was hacked, causing substantial data loss, according to Michigan State Police. http://www.clickondetroit.com/news/disgruntled-employee-accused-of-hacking-student-records-at-detroit-school
November was another bumper month for big cyber attacks. There was something for everyone, with new mobile malware in the form of the Gooligan campaign, new distributed denial of service (DDoS) attacks through the Mirai malware and standard data breaches in the cases of Three and the National Lottery. http://www.cbronline.com/news/cybersecurity/breaches/monthly-attack-alert-biggest-cyber-attacks-november/
AS HACKERS wreak havoc with depressing regularity, the insurance industry finds itself forced to contemplate a whole new set of risks. They range from the theft of millions of credit-card numbers from American retailers to the disabling of the power grid, as happened in Ukraine last December. http://www.economist.com/news/finance-and-economics/21711086-only-cyber-calamity-will-reveal-how-ready-industry-insurers-grapple
Some users of San Francisco’s light-rail system rode free this weekend after a hacker infiltrated the computers that run the ticket-vending machines, knocking them offline. http://www.wsj.com/articles/after-ransomware-san-francisco-offers-free-light-rail-rides-1480366454
Of the companies surveyed worldwide, 85% admitted to suffering from 3 or more attacks in a year, with six being the global average of ransomware attacks. http://www.computerworld.com/article/3142779/security/half-of-surveyed-us-businesses-admitted-to-suffering-a-ransomware-attack.html
When healthcare executives think of economics, their first thought no doubt is of money. But that’s not necessarily the right thought when it comes to the economics of cybersecurity, said Scott Borg, chief economist at the U.S. Cyber Consequences Unit. http://www.healthcareitnews.com/news/internet-things-enormously-expand-kinds-cyberattacks-hospitals-suffer-economist-says
A recent study performed by IBM's Resilient and the Ponemon Institute found that 66% of organizations would be unable to recover from a cyberattack. The results of the 2016 Cyber Resilient Organization study were released Wednesday, and show a decline in organizational resilience against cyberattacks. http://www.techrepublic.com/article/66-of-organizations-wont-recover-after-cyberattack-study-says/
An officer in two Utah County irrigation companies embezzled more than $1 million, including selling water shares and keeping the money for himself, according to a federal indictment. http://www.deseretnews.com/article/865667401/Utah-County-man-embezzled-1M-from-2-irrigation-companies-feds-say.html?pg=all
Recently a software company in Florida was hacked. The company, which brings in about $25 million in annual revenue, serves clients such as Wal-mart and Big Lots. The hackers, based in Germany, got into the company's database, stealing all of its customer information. Hiring a data-recovery firm to undo the damage cost $5 million. http://www.cnbc.com/2016/11/17/cyber-hackers-the-biggest-threat-blowing-up-companies-worldwide.html
Adobe Systems Inc. (ADBE) has received a $1 million fine related to the computer software company's 2013 data breach. http://www.investopedia.com/news/adobe-fined-1-million-after-2013-hack-adbe/
Whenever you read the words, ‘Google’, ‘China’ and ‘Hackers’ in the same sentence, it generally cannot be good news. A team of white hat hackers from China managed to hack Google’s flagship smartphone Pixel within 60 seconds. http://www.financialexpress.com/industry/tech/google-pixel-hacked-in-60-seconds-is-your-smartphone-safe-from-cyber-attacks/445351/
According to the results of a recent Barkley survey of 60 companies that were hit by successful ransomware attacks over the past 12 months, 77 of respondents said the attacks bypassed email filtering solutions. http://www.esecurityplanet.com/network-security/77-percent-of-ransomware-attacks-successfully-bypass-email-filtering.html
Despite increasing efforts to alert users of ransomware while attempting to combat cybercriminals, the number of those affected by the malware continues to soar. http://technology.iafrica.com/news/1039579.html
After Samba ransomware that encrypts victims’ hard drives and CryPy ransomware known for encrypting each file individually here comes Fantom, a ransomware that uses full-screen Windows updates progress UI to get users to wait while it encrypts their files.https://www.hackread.com/fantom-ransomware-windows-update-screen/
An "apology" from developer Hello Games over controversial space sim No Man's Sky this weekend has been blamed on a hack by a disgruntled employee. The incident began on the weekend when Hello Games' Twitter account posted a tweet simply stating that "No Man's Sky was a mistake." An email was also sent from the account of studio founder Sean Murray to a number of games journalists. http://www.gameplanet.co.nz/playstation-4/news/g5816855a6e5d7/No-Mans-Sky-mistake-tweet-blamed-on-hack/
Ransomware attacks against businesses will be four times higher in 2016 than last year, with a growing number of ransom-seeking hackers demanding bitcoin rather than money, according to a report by specialty insurer Beazley. http://www.insurancejournal.com/news/national/2016/10/26/430541.htm
The US company targeted in last week's massive cyber attack said Monday that possibly 100,000 connected devices were hijacked to swamp its systems and close off the internet to millions of users. http://phys.org/news/2016-10-hijacked-devices-cyber-dyn.html
Criminals are increasingly doing their crooked shopping online as chip readers become more common at brick-and-mortar stores. http://www.bizjournals.com/pacific/news/news-wire/2016/10/26/as-online-credit-card-fraud-rises-so-do-merchants.html
The U.S. National Highway Traffic Safety issued recommendations to automakers on Monday on how to protect connected and automated vehicles from cyber attacks. The agency’s guidelines are suggestions, but cannot be enforced. http://www.bizjournals.com/pacific/news/news-wire/2016/10/25/hackers-have-proven-they-can-hijack-cars-so.html
U.S. investigators are still trying to figure out who was behind the cyberattack Friday that crippled some of the biggest sites on the internet, from Amazon to Twitter. http://www.cbsnews.com/news/hackers-exploited-connected-smart-devices-for-massive-cyberattack/
A Southern California woman was shocked to receive a graphic message and lose $600 in tickets from Expedia after a dispute over travel insurance. http://www.carbonated.tv/viral/expedia-employee-cancels-flights-sends-f-you-to-customer
Ransomware just got even more real: it's now the number one attack vector in the financial services sector, which traditionally has been considered a model industry for best security practices. http://www.darkreading.com/attacks-breaches/ransomware-raises-the-bar-again-/d/d-id/1327138
Three-hospital Care New England Health System (CNE) agreed to pay a $400,000 fine and complete an OCR-prescribed corrective action plan that will last for six years. As in recent OCR penalties, the chain was sanctioned because of the business associate provisions of HIPAA. http://www.healthdatamanagement.com/news/ocr-hits-care-new-england-health-with-400-000-hipaa-fine
The lawsuits filed against Yahoo in the wake of a massive data breach at the Internet media company are increasing. http://www.usatoday.com/story/tech/news/2016/09/25/breachs-wake-yahoo-user-lawsuits-begin-pile-up/91080832/
Last October, Ford dealer O.C. Welch and his service manager noticed that gross profits weren't as high as they should have been based on the number of repair orders. They scrutinized the books at O.C. Welch Ford-Lincoln in Hardeeville, S.C., and found payments to nonexistent vendors. The trail led to Assistant Comptroller DeAnne Ogden. http://www.autonews.com/article/20160926/RETAIL/309269961/a-dealers-nightmare%3A-%3Cbr-%2F%3E$2-million-embezzled
Yahoo Inc said on Thursday that information for at least 500 million user accounts was stolen from its network in 2014 by what it believed was a state-sponsored actor, a theft that appeared to the biggest cyber breach ever. https://www.yahoo.com/tech/yahoo-set-confirm-massive-data-breach-recode-112838870--finance.html
Education, government, and healthcare top the list of at-risk sectors, according to a new report. Here's what you need to know to protect your company. http://www.techrepublic.com/article/report-the-top-6-industries-hit-by-ransomware/
(Tampa Bay, FL) September 19, 2016 – A new report reveals that nearly half of U.S. consumers have experienced card fraud,(1) while another survey found that 56% of fraud victims changed their card use or shopping behavior after a fraudulent charge.(2) eConsumerServices (econsumerservices.com/), a dispute mediation firm, maintains that card issuers and merchants must be proactive to avoid losing business in cases of credit card fraud; so CEO Gary Cardone counsels banks and retailers on steps they can take to retain consumers’ trust.http://www.paymentsjournal.com/PressRelease.aspx?id=32768
The city contends the water department worker was disgruntled after being passed over for a promotion and decided to retaliate—by deleting the evidence the city uses to defend itself in TORT claims- those are grievances claiming negligence when city property damages private property.http://www.kjrh.com/news/city-claims-fired-water-department-employee-deleted-evidence-used-to-defend-tort-claims
Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care. These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016.http://www.itproportal.com/news/hospitals-paid-almost-100000-to-a-ransomware-attacker/
The Southwest Utah Public Health Department has agreed to repay some $73,000 in Medicaid allocations after investigators found one of its employees had been providing patient services through a separate private company.http://www.thespectrum.com/story/news/2016/09/10/health-department-employee-gone-after-apparent-medicaid-scheme/90205684/
Concerns over ransomware have grown considerably this year, and for good reason. A new study finds that nearly half of all cloud-based malware now delivers ransomware applications.http://www.healthdatamanagement.com/news/nearly-half-of-cloud-based-malware-delivers-ransomware
Ransomware is a fairly new scam that’s exploding in popularity, according to local computer experts. That’s because its believable and lucrative. Give these crooks too much information, and they'll drain your bank account.http://turnto10.com/i-team/consumer-advocate/nbc-10-i-team-ransomware-attacks-increase-in-southern-new-england
Bob Anderson and Benjamin Donnachie, cybersecurity experts at Navigant, give their perspective on the imminent cyber-security threats for law firms and their clients.http://www.cdr-news.com/categories/white-collar-crime/6685-the-dark-web-of-cybercrime
Credit Suisse Group AG is accusing a group of five investment bankers who left for Jefferies Group LLC in May of stealing confidential information and trying to coax former colleagues to join them. http://www.businessinsider.com/r-credit-suisse-banker-dispute-shows-challenge-of-ceos-new-strategy-2016-8
America is under cyberattack; this is the harsh reality. Over the past few years, we’ve seen numerous high-profile hacks on government systems that have directly impacted government organizations, citizens, and in some cases even the presidential candidates themselves.
A former administrative worker at a Florida-based pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But no HIPAA-related criminal charges were filed in the case. http://www.databreachtoday.com/fraud-case-centers-on-alleged-stolen-pediatric-clinic-data-a-9383