For people with responsibility for corporate security – everyone from CIOs to CISOs and CROs – AI presents two types of risk that change the nature of their jobs. The first is that criminals, bad state actors, unscrupulous competitors, and inside threats will manipulate their companies’ fledgling AI programs. The second risk is that attackers will use AI in a variety of ways to exploit vulnerabilities in their victims’ defenses. The question remains – which protects which?
A noticeable shift in the methodology for developing malware is taking place, and it can’t go unaddressed. A few years ago, attackers’ primary objective was to avoid detection – second only to making a profit. But recently, these criminals have realized a critical truth: the longer they hold an infected endpoint, the more their profit increases.
Open Source software is always trustworthy, right? Last year, Bertus broke a story about a malicious Python package called “Colourama”. When used, it secretly installs a VBscript that watches the system clipboard for a Bitcoin address and replaces that address with a hardcoded one. Essentially this plugin attempts to redirects Bitcoin payments to whoever wrote the “colourama” library.
It’s no surprise that spending on security technology continues to soar. Nevertheless, data breaches and cyber attacks make headlines at an incredible rate, with no relief in sight. The Online Trust Alliance reported that attacks in 2017 came from a myriad of vectors, such as phishing and ransomware, and that the number of attacks doubled to nearly 160,000 incidents per year over 2016. What’s worse, estimates for the number of unreported attacks exceed 350,000 annually.
Employees conducting attacks on their own employees – known as insider threats – are becoming increasingly common and costly. According to a CA report, over 50% of organizations suffered an insider threat-based attack in the previous 12 months, while 25% say they are suffering attacks more frequently than in the previous year. 90% of those organizations claimed to feel vulnerable to insider threats.
It seems that the numerous benefits of cloud computing make the disruption of digital transformation worthwhile. However, a recent torrent of automated attacks on cloud infrastructure’s vulnerabilities has precipitated a somewhat gloomy outlook.
Every year, cybercrime gets worse. And it totally makes sense, because it is a lucrative line of work, so to speak. It’s estimated to be a $1.5 trillion industry, with some countries now basing their economy around cybercrime. As a result, cybercriminals’ activities are now facilitated by new technology that makes data breach attacks easier and more accessible. Therefore, the chances of your business suffering a cyber attack are getting bigger by the minute. Here is what you can expect in 2019.
Mobile devices aren’t immune to malware – just to let you know in case you had any doubts about that. In the past year, business professionals saw a 75% increase in banking Trojans, which allow cybercriminals to obtain financial credentials off mobile devices. Since employees increasingly use their mobile devices to complete work tasks, it’s easy to jeopardize their organizations that way. Here are the 5 ways to avoid mobile malware threats.
The concept of the Internet of Things – and its main advantage – is at the same time the biggest potential security risk for all those who have accepted it and have joined the circus, so to speak. Yes, people like having all the information all the time on all of their devices – neatly segmented and contextualized to fit their needs and situation. And yes, most of them haven’t given a second thought to providing access to their personal data to all kinds of services and systems in order to have everything they could ever want at the tips of their fingers – from comprehensive weather reports and traffic warnings to their own houses recognizing them as owners and turning the lights on upon entering. It is an interesting world we live in, with technology constantly at our beck and call, but are we also slowly starting to realize just how much we are allowing it to rule our lives? One could argue that every time the tech misbehaves or someone else takes advantage of it – and by proxy, us – it has failed us on some level. In that sense, let’s see the 4 times it did just that in 2018.