Cobalt Iron Named Top 10 Cybersecurity Company by CIO Bulletin
TikTok was the most often forged app linked to Covid-19 in 2021 H1
Investis Digital Publishes Critical Cyber Security Guide for C-Suite Leaders to Consider When Planning their Ransomware Attack Prevention Strategies
US online searches for ‘Facebook account hacked’ surge 93% YTD, almost double 2020 figure
Hacking a smart TV is easier than you think
Google and Microsoft products accumulated the most vulnerabilities in H1 2021
HID Global Improves Mobile Ticketing for Public Transportation with the World’s First Calypso-certified Software Development Kit for NFC
SOOS Revolutionizes Open Source Security with All-Inclusive, Flat Rate Pricing for Teams of Any Size
Afghanistan became the primary target for ransomware attacks in the past month
TECH5 Integrates its Digital ID with the MOSIP Foundational Identity Platform
-
50% of companies suffer repeat attacks by the same hackers
According to the data presented by the team of Atlas VPN, 50% of businesses worldwide have experienced recurring attacks from the same hackers, with companies in the United Kingdom suffering the most. What is more, out of the businesses that experienced repeated attacks, a whopping 61% of them did not remediate the breaches, leaving the companies vulnerable to any further attacks. Companies in the UK have had the most cybersecurity incidents — 55%, followed by organizations in North America (50%), Europe (49%), and Latin America (48%). The top five security threats affecting organizations are cloud vulnerabilities (65%), denial of service attacks (60%), phishing and social engineering attacks (52%), malicious insider threats (45%), as well as DNS-based attacks (44%). Low-value security alerts and shortage of staff are the main security challenges for organizations As cyber attacks are growing more sophisticated, breaches are becoming everyday events rather than worst-case scenarios. But what are the challenges that organizations face when dealing with cyber incidents? The number one challenge of survey respondents is that their systems generate too many low-value security alerts. When security analytics systems cannot effectively prioritize alerts, it wastes the team's time by asking it to clear low-value alerts while highly important alerts linger at the bottom of the queue. Therefore, 69% of companies see it as a significant challenge. Shortage of staff is another prevalent issue. In total, 60% of companies have a shortage of in-house expertise that could utilize security technologies, 56% say they lack the staff to pick up the workload, while 53% lack employees or skills to deliver lasting data-driven outcomes. Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the situation: “As long as organizations do not address existing vulnerabilities and security issues, they risk being hit by cybercriminals again. Organizations should prioritize internal processes that they can control over external security risks that they cannot. ” To read the full article, head over to: https://atlasvpn.com/blog/50-of-companies-targeted-by-same-hackers-in-repeat-attacks
-
43% of all malware downloads are malicious office documents
Even though infecting office documents with malware has been established for a long time, it is still very successful at tricking people. According to recent Atlas VPN team findings, 43% of all malware downloads are malicious office docs. Harmful office files are popular among cybercriminals as they usually can evade many antivirus software from detection. A year ago, in the second quarter of 2020, only 14% of all downloaded malware were malicious office docs. After that, in the third quarter of last year, the percentage jumped to 38%. Later on, downloaded malicious office documents slightly decreased to 34% in Q4 2020 and Q1 2021. Despite that, downloaded malware as office documents went right back up to new highs at 43% the next quarter. One of the most dangerous malware EMOTET was spread via Word documents before being disrupted in early 2021 by global law enforcement. What made EMOTET dangerous is that it opened doors for other malware installations such as information stealers, trojans, and ransomware. It seems EMOTET’s success spread quickly in cybercriminal groups, inspiring more hackers to try out a similar technique. Another reason for malicious document success is that they can bypass antivirus and tend to manipulate being a trustworthy source. For example, cybercriminals would mask malicious files and emails during the pandemic as registration for the vaccine or other financial benefits. It is easier to make people fall for malware when it is associated with reliable documents. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on malware attacks: “Cybercriminals have benefited from the popularity of Microsoft Office and Google Docs by inserting malicious code into the files. Organizations must implement and maintain a cybersecurity strategy addressing both the technological and human components to protect users from falling victim to malware threats.” To read the full article, head over to: https://atlasvpn.com/blog/43-of-all-malware-downloads-are-malicious-office-documents
-
Social engineering attacks were responsible for the majority of business breaches in 2020
According to the data presented by the Atlas VPN team, social engineering cyberattacks were the primary cause of company breaches in 2020 at 14%, followed by advanced persistent threats (10%), unpatched systems (9%), and ransomware (9%). With social engineering attacks, criminals use a broad range of manipulation tactics to trick victims into giving out sensitive information or making security mistakes, such as revealing passwords, bank information, or giving away access to their devices. Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the situation: “The myriad of technology-based security solutions available today, such as anti-malware software, firewalls, and VPNs, give people a false sense of security. While these technological solutions do improve online safety, the reality is that most security breaches are caused by human error. No technology solutions will help if people will continue to fall for social engineering tricks.” Overall, 35% of organizations claim they experienced an increase in attacks compared to a year ago, with over one-fifth (23%) of companies stating that threat actors took advantage of the COVID-19 pandemic to disrupt organization’s activities. Companies fear cyberattacks will damage their reputation No company is immune to cyberattacks, while their consequences can be devastating. Naturally, companies are concerned about cyberattack threats. Corporate reputation is increasingly being recognized as the most important strategic asset in a company's value creation. Therefore, the number one concern for organizations regarding cyberattacks is the damage to a company's reputation. A whopping 78% of companies are afraid cyberattacks may harm their company’s image. Next up is data breaches resulting in customer physical or financial harm. Damage to clients is a major worry for 69% of organizations. Meanwhile, 49% of companies are also distressed about cyberattacks on the supply chain or business disruption. To read the full article, head over to: https://atlasvpn.com/blog/social-engineering-attacks-were-responsible-for-the-majority-of-business-breaches-in-2020
-
DeFi related hacks account for 76% of all major hacks in 2021
Decentralized finance (DeFi) is a system that allows for financial products to become available on a public decentralized blockchain network. According to the recent Atlas VPN team findings, DeFi related hacks make up 76% of major hacks in 2021. In addition, many fraudsters have started fake DeFi projects to benefit from the crypto industry hype. Even though the first Ethereum based protocol MakerDAO for DeFi was released in 2017, hacks abusing the system were not recorded until 2020. In 2019, money lost to hacks was mostly from phishing, ransomware, and other cyberattacks. A year later, in 2020, DeFi hacks already made up one-quarter of all funds lost to hacks that year — $129 million. One of the biggest DeFi hacks that happened last year was the attack on Harvest Finance that resulted in a loss of over $24 million. In the first half of 2021, DeFi hack losses have reached $361 million, surpassing last year’s total losses by 180%. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on DeFi hacks and fraud: “The crypto industry has generated a lot of excitement, however, many newcomers are unaware of the risks. Lack of regulation in the crypto industry allows cybercriminals to thrive either by hacking less secured DeFi projects or by carrying out rug pull scams. For DeFi to become more legitimate, it is essential to establish security and business regulations.” [DeFi crime is on the rise] All DeFi crimes generally fall into one of the two categories: outside agents hacking the DeFi protocol or a rug pull conducted by insiders. DeFi fraud and hacks combined for a total of $474 million lost in the first half of this year. As established before, DeFi hacks made up $361 million of the total loss, while $113 million were stolen by DeFi fraudsters. This year, the biggest DeFi hack happened in May when the PancakeBunny protocol faced a flash loan exploit that extracted $45 million worth of crypto assets. The immediate sale of these tokens made the price of BUNNY tokens sink from $146 to $6. In June 2021, DeFi project WhaleFarm rug pulled $2.3 million from investors. After running just for a few days, the project’s anonymous developers vanished with the funds while their token lost 99% of its value. To read the full article, head over to: https://atlasvpn.com/blog/defi-related-hacks-account-for-76-of-all-major-hacks-in-2021
-
HID Global Extends its HID IdenTrust Certificate Authority (CA) Offering to Include Timestamping-as-a-Service
HID Global, a worldwide leader in trusted identity solutions, today launched an enterprise-grade service that enables users to verify the date and time of their electronically or digitally signed documents, code and other files. The service embeds an irrefutable date and time thereby binding the signer’s Public Key Infrastructure (PKI) digital certificate to the date and time of their signature. WHO: HID Global, which has now met the Internet Engineering Task Force (IETF) standards RFC 3161 requirements for operating as a Timestamping Authority (TSA). The company is also one of the world’s leading CAs and providers of digital certificate products. WHAT: The HID IdenTrust Timestamping-as-a-Service offers a high-availability cloud-based platform for enterprises to embed timestamps to any software application, documents, or digital files by creating and embedding a trusted timestamp date and seal. Manipulation of the file breaks this seal and alerts the user that the file is no longer in its original state. WHY: PKI digital certificates are used to create trusted digital identities for many use cases. They are strengthened through industry-standard IETF X.509 verification using a trusted CA signature. The IETF’s PKI Time Stamp Protocol (TSP) goes further to establish the signature’s “proof of existence” at an instant in time. Trusted time stamps combat digital certificate forgery, prevent unauthorized use of revoked certificates, simplify time-based compliance record-keeping, strengthen legal claims, and prove long-term signature validity. Application examples include securing antivirus software updates with timestamped signatures. HOW: Users connect to HID’s always-available Timestamping-as-a-Service to begin the process of creating their file’s unique identifying “fingerprint” and combining it with a trusted timestamp. The resulting timestamp token is sent to the client application and recorded with the file’s digital signature(s).
-
Cloud Conventions Introduces SafetyNet to Create a Virtual Backup Plan for Live Events
Cloud Conventions today introduced SafetyNet™, a new program to provide a virtual event backup options for associations, tradeshows, event managers or trade groups that have a live event scheduled now or in the near future. SafetyNet provides a standby virtual event platform that can be activated if needed when attendance for a live event declines or if there is a requirement to pivot to an all-virtual program. A SafetyNet platform can be brought online in a matter of days without technical support or programming. Cloud Conventions is a sophisticated event management platform that redefines the attendee and exhibitor experience with a strong focus on delivering virtual and hybrid events, regardless of size or budget. “It seems like a repeat of 2020 as event managers, associations and other trade groups are struggling to decide if they should cancel their live event, shift to virtual or hybrid, or take other precautions to make attendees and exhibitors feel safe,” said Carolyn Bradfield, CEO of Cloud Conventions. “Any group hosting live events today needs a virtual backup plan that can be activated to ensure attendees and sponsors can participate in industry sessions, continuing education and still make connections that they would miss when they can’t attend in person.” SafetyNet maintains a low-cost Cloud Conventions virtual platform on standby behind a private login until required. It is hosted on a custom URL, is fully branded, customized and organized to host live or on-demand sessions, exhibitor and sponsor booths or provide a resource center for all event-related content. Attendees can be imported from a live event registration system and have their record transferred to SafetyNet including demographics and event access permissions. Sponsors are assigned a virtual booth template and configured to go live without technical assistance, in a matter of hours. “Now that live events have partially returned, many groups ask themselves if virtual events are worth it, so they only focus on their in-person event, often to their detriment,” added Bradfield. “A 2020 study of 1,000 respondents, ‘Association Trends: From Disruption to Opportunity’ produced by Community Brands, details that having a virtual option for membership participation has changed from a nice-to-have to a must have. Some live events scheduled for the fall of 2021 are being abruptly cancelled due to on-going COVID risks. This is clearly an indicator that the pandemic is far from over. A SafetyNet option is the best insurance that the show will go on, no matter what.” SafetyNet is offered for a low, setup fee to create a fully branded and configured virtual environment. If the organizer chooses to go live with a hybrid or all-virtual event, the setup fee applies to the event package. Show managers can choose as much or as little assistance from Cloud Conventions to bring their event online quickly with all the features needed to educate and engage attendees. Having a virtual option guarantees a rewarding experience for attendees, better ROI for sponsors and ensures smoother event operation for organizers. Explore SafetyNet at: https://cloudconventions.com/page/139455/safetynet
-
Ransomware attacks surge by over 150% in 2021
Businesses and people around the world suffer ransomware attacks every day. According to the data presented by the Atlas VPN team, ransomware attacks are up 151% in the first half of 2021, compared to the same time in 2020. The United States is the most ransomware threatened country by a significant margin. In the first half of 2020, there were a total of 121.4 million ransomware attacks across the world. The most significant ransomware attack in H1 2020 was the Maze ransomware outbreak in the Cognizant company’s network. The attack cost about $50-$70 million to the business in revenue loss, recovery, and relief efforts. The first half of 2021 has already reached 304.7 million ransomware attack attempts making it the worst ever recorded year. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on ransomware attack growth: “Ransomware attacks are a severe problem that terrorizes many organizations or government agencies, causing national danger. As many people neglect basic cybersecurity rules, they become easy targets for cybercriminals. Improving people’s cybersecurity awareness and preparedness is a must if companies want to reduce ransomware attacks.” Ransomware destination: The United States Ransomware attacks with the largest payouts mostly happened to US companies over the past couple of years. The United States is a prime target for most hackers, as the country has experienced 227.3 million ransomware attack attempts. In other words, there are about 865 threats every minute in the first half of 2021. The second most targeted country is the UK, as they encountered 14.6 million ransomware attack attempts. Many UK citizens and organizations became ransomware victims over the past couple of years. Next up, Germany suffered from 11 million ransomware threats so far this year. Lack of ransomware awareness is a massive problem for German small and medium-sized enterprises (SME). South Africa is fourth with 10.5 million ransomware attempts, and Brazil follows behind with 9.1 million attempted threats. To read the full article, head over to: https://atlasvpn.com/blog/ransomware-attacks-surge-by-over-150-in-2021
-
Cobalt Iron Joins Sheltered Harbor Alliance Partner Program as a Solution Provider
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that it has joined the financial sector not-for-profit initiative Sheltered Harbor as a technology Solution Provider Alliance Partner. Cobalt Iron's Compass® platform delivers SaaS data protection with on-prem and cloud deployment options. Sheltered Harbor's purpose is to protect customers, financial institutions, and public confidence in the financial system if a catastrophic event such as a cyberattack causes an institution's critical systems and backups to fail. Compass for Sheltered Harbor will protect critical account data for both on-premises and in-the-cloud implementations. Cobalt Iron is part of a select group of solution providers that Sheltered Harbor engages with in the development of Sheltered Harbor-compliant turnkey solutions that would assist its participants in implementation of the sector's resiliency standard. Once Cobalt Iron's Compass for Sheltered Harbor solution attains full endorsement, Sheltered Harbor Participants can take advantage of a ready-to-deploy, fully endorsed solution that meets Sheltered Harbor requirements without having to develop, manage, and maintain a proprietary data vault. Instead, they can work with Cobalt Iron to deploy Compass for Sheltered Harbor quickly and comprehensively as the data vault technology of choice. Compass for Sheltered Harbor will enable financial institutions to back up critical customer account data each night in the Sheltered Harbor standard format. The data in the vault is encrypted, unchangeable, and completely separated from the institution's infrastructure, including all backups. "Cyberthreats are compounding on a daily basis, and the financial industry is a ripe target. That's what makes this partnership with Sheltered Harbor so important," said Andy Hurt, chief marketing officer, Cobalt Iron. "Participants will have a data vault option with flexible, hybrid-cloud implementation, so they don't have to spend time and money developing and getting approval for a complex, difficult-to-manage, homegrown solution." "We are thrilled to work with Cobalt Iron as a Solution Provider in our growing Alliance Partner Program," said Carlos Recalde, president and CEO of Sheltered Harbor. "As we continue our mission of protecting the U.S. financial system from the impact of a devastating cyberattack, we wanted a partner that could address the breadth of the diverse financial sector market — particularly as a service. We are impressed with how close Cobalt Iron's current product is to meeting our requirements and with the diligence and agility that they are demonstrating in getting it fully compliant." More information on the partnership can be found here: https://www.cobaltiron.com/solutions/compass-for-sheltered-harbor/
-
Flexxon Named Finalist in Black Unicorn Awards for 2021
Flexxon, the cybersecurity industry’s leading provider of X-PHY® AI Embedded Cyber Secure SSD, today announced that it has been named a finalist in the Black Unicorn Awards for 2021. Flexxon competed against many of the industry’s leading providers of cybersecurity products and services for this prestigious award. The term “Black Unicorn” signifies a cybersecurity company that has the potential to reach a $1 billion dollar market value as determined by private or public investment (Source: https://en.wikipedia.org/wiki/Unicorn_(finance)) and these awards showcase those companies with this kind of incredible potential in the cybersecurity marketplace. “It’s exciting to see Flexxon has been named a finalist among other cybersecurity industry leaders in our third annual Black Unicorn awards,” said Judges Robert R. Ackerman Jr. of www.allegiscyber.com, David DeWalt of www.nightdragon.com, Dr. Peter Stephenson of Cyber Defense Labs and Gary Miliefsky of www.cyberdefensemediagroup.com. “We believe Flexxon will prove it has the potential to win this annual award because of our management team’s track record, our innovative cybersecurity offering, market adoption and the huge ‘green field’ opportunity in front of us in a multi-billion dollar addressable marketplace,” said Camellia Chan.
-
US military personnel lost over $822 million to scams since 2017
According to data presented by Atlas VPN, the US military personnel lost $822.1 million to different types of internet crime between 2017 and June 30, 2021. Military members filed more than 836,374 reports of fraud, identity theft, and other consumer concerns with the Federal Trade Commission (FTC). Reservists and military personnel families were behind the lion’s share of the losses, at $484.4 million, 59% of all military monetary damages in the last 5 and a half years. They also submitted over 322 thousand unique complaints to the FTC. The veterans & military retirees’ financial damages encompass 35% of all losses at $290.1 million. This group fell to various types of internet crime most often, as they sent out a total of 452 thousand reports. The median loss in this category is $700. Finally, fraudsters swindled over $47.6 million from active duty service members. This group also submitted the least complaints at 52 thousand since 2017. The median loss for active duty service members is one hundred lower than that of veterans, at $600. Edward Garb, a cybersecurity researcher and writer at Atlas VPN, shares his advice on how to avoid internet scams: “Even though the US has numerous task forces to deal with this growing epidemic of internet crime, each individual should be cautious and stay on the lookout for any red flags when dealing with internet-related money transfers.” [Most dangerous types of scams] Interestingly, romance scams, also widely known as catfishing, are at the top of the list. Heartless criminals lured out as much as $92 million from the US military members. Even though romance scams have been widely known for quite a while, victims are still not afraid to send large amounts of money to someone they met online, as the median loss to this type of crime stands at $2,400. Victims submitted a total of 7,120 romance scam reports to the FTC. The second most damaging internet crime for the US military members was miscellaneous investments. As much as $90.2 million were lost to bogus investments. The median loss is not that far behind romance scams, hovering at $2,000. To read the full article, head over to: https://atlasvpn.com/blog/us-military-personnel-lost-over-822-million-to-scams-since-2017
-
45% of offers selling corporate network access on the dark web cost less than $1K
Many new people started to flood the cybercriminal market, trying to earn a quick buck off people and organizations, which did not establish a reliable security system. According to the recent Atlas VPN research team’s findings, 45% of corporate network access costs less than $1K on the dark web. Businesses in the services and manufacturing industries are the main options for hackers when planning an attack. Hackers put up 45% of offers for access to corporate networks for less than $1,000 on the dark web. Important to note that this percentage in 2017 was only 15%. However, between Q2 2020 and Q1 2021, the rate has risen to what it is now. Access to corporate networks that cost between $1,000 and $2,499 made up 22% of the dark web market. On the other hand, the corporate network accesses priced between $2,500 and $4,999 accounted for 17% of the underground forum market. Hackers evaluate the number of computers to be exposed, account privileges, businesses size, revenue, and other financial indicators. Also, the price of access could be impacted by the industry in which the company is operating. Access to corporate networks selling for $5,000-$9,999 composed 9% of the dark web market. At the same time, accesses offered above the $10,000 price range made up 7% of the market. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on the changes in the cybercriminal market: “Low-priced accesses usually are sold by inexperienced, wannabe hackers, who might not even follow through with the attack. Despite that, the rising percentage of cheap access means that many new, less-skilled cybercriminals entered the market, and they could become more dangerous in the future.” [Most targeted industries] Hackers find some industries more valuable than others because several businesses in specific sectors have put fewer resources into cybersecurity, making them an easier target. The services industry is the most popular among cybercriminals, as 17% chose to target this sector. While companies in this industry have a lot of sensitive data about their customers, service businesses become lucrative targets for hackers to sell the stolen information online. Next up, we have the manufacturing sector picked out by 14% of hackers. By gaining access to a manufacturing business, cybercriminals could steal personal information and severely disrupt normal operations. Furthermore, 12% of cybercriminals on the dark web selected the research and education industry to attack. As smaller schools usually do not have the best system security, low-skilled threat actors find them easier victims. In addition, the IT industry became a target for 7% of threat actors which purchased corporate network accesses. Finally, all other sectors accumulated 26% of accesses sold on the dark web forums. To read the full article, head over to: https://atlasvpn.com/blog/hackers-sell-45-of-corporate-network-access-for-less-than-1k-on-the-dark-web
-
Malvertising Takes Aim at a New Target: IoT Devices Connected to Smart Home Networks
Global cybersecurity company GeoEdge revealed it has uncovered a global-scale malvertising attack which is the first ad-based cybercrime aimed specifically at home-network based IoT devices. Working in cooperation with the company’s AdTech partners InMobi and Verve Group, GeoEdge’s security researchers identified both the attack vector as well its origins from bad actors in Slovenia and Ukraine. GeoEdge’s security research team has been investigating the malvertising attack on smart home IoT devices since mid-June 2021. The widely distributed attack vector is the first to use online advertising to silently install apps on home-WiFi-connected IoT devices, and only requires that hackers possess a basic understanding of device API documentation, some JavaScript knowledge and rudimentary online advertising skills. Market research firm IoT Analytics forecasts more than 30 billion IoT device connections worldwide by 2025, making home and industrial IoT an extremely attractive and vulnerable frontier for malvertisers. “GeoEdge’s patented behavioral code analysis technology and advanced malware detection capabilities detected these online ads covertly injecting malware into smart-home IoT devices,” said GeoEdge CEO Amnon Siev. “With the collaboration between InMobi and Verve, we exposed the origin, infrastructure and global scale of these attacks. This joint mission is built on trust and a deep understanding of the threat landscape which has enabled us to create a new standard for user protection.” “Malvertising,” or malicious advertising, spreads malware through the injection of malicious code into online display ads via online advertising networks, exposing user networks and connected devices to the potential risk of infection. Advertising networks are generally unaware they are serving malicious content and in the cases discovered by GeoEdge, users targeted with the attack aren't even required to click on the infected ad or navigate to a malicious page to initiate the attack on home network devices. “Digital advertising continues to capture a larger share of marketing budgets for companies large and small and as with that growth comes potential risks. It is critical that we have the checks and balances to identify and contain potential malicious threats before they can infect users’ devices,” added said Kunal Nagpal, SVP and GM, Publisher Platform and Exchange at InMobi. “Our collaboration with GeoEdge enhances user protection across the advertising ecosystem through advanced real-time detection, ensures the delivery of safe ads to our global partners and helps us maintain quality and user trust.” The impacts of the broad IoT attack revealed in GeoEdge’s research include the ability to manipulate IoT devices, download apps without users’ consent, and risks theft of personal information and monetary instruments as well as tampering with home systems such as smart locks and surveillance cameras. To block such attacks, GeoEdge notes that antivirus apps and even firewalls are not sufficient, making it necessary to continuously block infected ads in real-time to prevent them from being rendered and presented to users. “As we work to maintain a clean and transparent ecosystem, the ad security landscape constantly evolves, introducing new cybersecurity risks which require innovative solutions,” said Pieter de Zwart, VP of Engineering at GeoEdge partner Verve Group. “We are committed to ensuring a safe advertising experience and partnering with key industry players enables us fulfill that mission.”
-
Top 10 most impersonated brands in phishing attacks in H1 2021
Criminals continue to impersonate well-known brands to trick people into giving up their personal information. According to the data presented by the Atlas VPN team, Crédit Agricole, a French financial group, was by far the most imitated brand in H1 2021 worldwide. The brand was linked with 17,755 unique phishing URLs, followed by social media giant Facebook with 17,338 and Microsoft with 12,777. Multi-platform messaging service provider WhatsApp is the second social media brand to make the top ten list. It was taken advantage of in 8,727 phishing attacks. Meanwhile, French bank La Banque Postale occupies the fifth spot with 7,180 attacks. Other brands in the top ten list include Orange (4,047), Amazon (3,501), Comcast (3,116), PayPal (2,601), and Chase bank (2,537). Financial brands were criminals’ favorite Phishing efforts involving financial industry brands were the most frequent. They accounted for 36% of URL phishing attacks in H1 2021. Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the phishing attack trends: “Imitating well-known and trusted brands in attempts to steal people’s personal information is a common tactic among cybercriminals. Due to the rise in digital payments and growing reliance on online banking during the pandemic, financial service brands were particularly popular in phishing attacks.” Social Media companies were also heavily impacted. Social media brand impersonation accounted for over a quarter (26%) of all brand phishing attacks in the first half of this year. Other affected sectors include cloud (17%), e-commerce and logistics (11%), internet and telecommunications (9%), and government (1%). To read the full article, head over to: https://atlasvpn.com/blog/crédit-agricole-facebook-and-microsoft-are-the-most-impersonated-brands-in-url-phishing-attacks
-
65% of all DDoS attacks target US and UK
Distributed denial of service (DDoS) attacks are common for cybercriminals who want to disrupt online-dependent businesses. According to the data analyzed by the Atlas VPN team, 65% of all distributed denial of service (DDoS) attacks are directed at the US or UK. Computers and the internet industry is the favorite among cybercriminals. The United States was a target for 35% of all DDoS attacks in June 2021. Cybercriminals launched DDoS attacks against Amazon Web Services, Google, and other prominent US-based companies in the past. The United Kingdom comes second as it fell victim to 29% of all DDoS attacks. As the UK has many huge businesses, they often are targeted by hackers for valuable data or even a ransom. China was threatened by 18% of all DDoS attacks in June 2021. Assaults from and to China happen primarily due to political reasons, to interrupt some government agency. Japan and Germany were each struck by about 3% of all DDoS attacks. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on DDoS attacks: “DDoS attacks are a severe threat. They lead to the interruption of the website or service, which could cause massive financial damages to the business. To stop the assault, hackers often request a ransom.” [Clear DDoS attack target] Some businesses are more heavily targeted due to the damage their service stoppage would cause if hackers disrupted their service. The most attacked industry was the computers and internet sector, targeted by 83% of all DDoS attacks. Domain providers, web hosts, and internet service providers often become the victims of DDoS attacks. The games industry is the second most attacked sector as they suffered 9% of all DDoS attacks. Some gamers launch DDoS attacks against other players to lower their connection speed and gain a competitive advantage. Gambling sites experienced 6% of all DDoS attacks in June 2021. Often casinos hire cybercriminals to disrupt their competitor’s businesses. Almost 2% of all DDoS assaults targeted the business sector, while hackers attacked the finance sector nearly 1% of the time. To read the full article, head over to: https://atlasvpn.com/blog/65-of-all-ddos-attacks-target-us-and-uk
-
Average data breach cost surpasses $4 million in 2021, record growth of 10% YoY
According to data presented by Atlas VPN, the average financial damages caused by a data breach increased by nearly 10% year over year to $4.24 million in 2021. This is the highest spike since 2015. A data breach can have a number of negative implications for a business, including lost sales, a tarnished reputation, data recovery fees, and possibly employee layoffs. Edward Garb, a cybersecurity researcher at Atlas VPN, comments on the recent findings: “The record-high average losses can be directly linked to the rapid onset of remote work, as it created many new loopholes for cybercriminals to exploit.” The numbers are provided by IBM, where between May 2020 and March 2021, researchers conducted roughly 3,500 separate interviews with individuals from 17 countries and 537 firms that had experienced a data leak. Seven years ago, the average total cost of a data breach stood at $3.79 million. The lowest losses were seen in 2017, where companies suffered about $3.62 million in damages per incident. Moreover, the average data leak cost in the US stands at $9.03 million, which is the highest number globally. The Middle East is in second place, with average losses reaching $6.93 million per incident. [Data breach costs by industry] Interestingly, financial damages vary widely depending on the industry of the enterprise that fell victim to the data leak. Incidents in the healthcare industry are the costliest, as losses averaged a staggering $9.23 million this year. Healthcare companies tend to store a lot of sensitive data about their customers which can explain the high costs per breach. The healthcare sector also experienced one of the highest year-over-year monetary loss increases. The damages jumped from $7.13 million in 2020 to $9.23 million in 2021, a 29.5% growth. Among the top five worst affected industries are the financial ($5.72 million), pharmaceuticals ($5.04 million), technology ($4.88 million), and energy ($4.65 million) sectors. The energy sector dropped from the second most costly in 2020 at $6.39 million to fifth place in 2021. To read the full article, head over to: https://atlasvpn.com/blog/average-data-breach-cost-surpasses-4-million-in-2021-record-growth-of-10-yoy
-
ContraForce Joins Microsoft Intelligent Security Association
ContraForce, a leader in Open XDR for small and medium businesses, today announced that it has been nominated to join the Microsoft Intelligent Security Association (MISA). ContraForce was nominated for membership due to their Microsoft Azure Sentinel API integration. ContraForce delivers the Azure Sentinel API integration to customers with their Open XDR solution targeted towards MSSP’s and SMB’s. The membership will allow ContraForce to work more closely with Microsoft security product teams in order to build-in additional security for end users. Tighter integrations into the Microsoft security stack will allow ContraForce to deliver a more powerful yet simplified Open XDR experience to customers who are struggling with rapid incident response, generating more visibility across their security environment while reducing their costs. MISA is an ecosystem of independent software vendors and managed security service providers that have integrated their solutions with Microsoft security products to better assist end users defend against the world of increasing threats. Founded in 2018 MISA now has more than 245 members, more than 250 integrations and 165 service offerings some of which are available in the Azure Marketplace. “I am extremely excited to expand our relationship with Microsoft in order to better serve our customers who are battling adversarial threats that impact their capacity to deliver business outcomes to their customers”, stated Stan Golubchik, CEO ContraForce. “With ContraForce’s integrations into the Microsoft security stack we are able to simplify security outcomes through an innovative Open XDR experience for our customers who are on-premises or in the cloud eliminating manual tool configuration, mitigating false positives and automating rapid incident response for reducing risk across all attack vectors,” he added. “Microsoft Intelligent Security Association members leverage Microsoft's security products to better defend against cyber security threats with identity and access management, threat protection, information protection, and security management,” said Rob Lefferts, Corporate Vice President, Microsoft Defender. While ContraForce has integrated deeply with the Azure Sentinel API, they have also extended their solution’s integrations with Defender for Endpoint, Microsoft Cloud App Security, Defender for Microsoft 365, and Defender for Identity to provide a comprehensive Open XDR platform for customers who believe in the Microsoft vision as much as ContraForce does.
-
Ransomware has already cost victims $45 million in 2021
Cybercriminals have started to use double extortion methods in ransomware attacks. According to the data presented by the Atlas VPN, ransomware has already cost victims $45 million in 2021. Some of the ransom payments made this year are the largest ones we have seen yet. Conti ransomware group has received the most payments in ransom, nearly $13 million in total. Conti is double extortion ransomware, which not only encrypts data but also threatens to leak it online. The second most payments were taken by REvil / Sodinokibi group, which extorted $12.13 million in 2021 so far. REvil is a Russian-based criminal group, and they are one of the most prominent ransomware as a service providers (RaaS). The DarkSide group forced $4.67 million in ransom out of their victims in 2021. They announced their RaaS in August of 2020 and became known for their professional operations and large ransoms. RagnarLocker extorted $4.54 million in ransom, and MountLocker took away $4.22 million from their victims in 2021. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on ransomware attacks: “Cybercriminals can shut down huge organizations, highlighting a massive issue — many companies have left their infrastructure and cybersecurity vulnerable to hackers. Businesses must take responsibility and secure their systems before hackers can launch even more disruptive attacks.” [Largest ransomware payments this year] Many hacker groups target specifically large organizations as their disruption would cause the most damage. World’s largest meat producer JBS USA fell victim to the REvil attack and paid a ransom of $11 million (301 bitcoins). JBS was forced to shut down some of its food production sites on May 31st, affecting thousands of employees. DarkSide ransomware attack on Colonial Pipeline cost the organization $4.4 million (75 bitcoins). Due to the attack, many Americans had to deal with gas shortages and price spikes for weeks to come. Backup appliance maker Exagrid paid $2.6 million (50.75 bitcoins) to Conti ransomware hackers. Cybercriminals stole 800GB of data related to employees, customers, and other confidential information. Hackers threatened to sell the stolen data on the dark web if Exagrid did not pay the ransom. To read the full article, head over to: https://atlasvpn.com/blog/ransomware-has-already-cost-victims-45-million-in-2021
