Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants.

Follow the money: financial motives figure highly in breaches, finds Verizon DBIR

Not even a pandemic could stop the publication of the 2020 Verizon Data Breach Investigations Report. Widely respected as an independent source of security information, some highlights from this year include: 86 per cent of breaches were financially motivated, up from 71 per cent in 2019. External attackers were a much bigger security threat than insiders, causing 70 per cent of breaches. (A finding that flies in the face of much ‘insider threat’ commentary.) The 119-page report has further analysis by industry sectors and geography. 
 
Good writeups abound. CyberScoop led with the money angle. ZDNet focused on the finding that misconfigured cloud storage can open small businesses up to attacks. Verizon’s report is free online or as a PDF, with an executive summary to share or pass up the chain. As Brian Honan noted in the SANS newsletter, the report gives valuable insights into how to defend systems and networks. 

No letup for ransomware during lockdown

Ransomware continues to spread, but our understanding of how the threat is evolving is also improving. It was the cause of more than a quarter of all recorded security incidents in the 2020 DBIR (above). FireEye produced a strong analysis of the Maze ransomware, which affected victims in multiple industries across Europe and the US. Its report looks at the most common routes of infection which were via email phishing and exploiting unpatched systems. It also gives tips on how to mitigate an attack. 
 
In other ransomware news – and there was plenty of it recently – McAfee reposted a useful explainer on RDP security given recent ransomware attacks using that vector. Helpnet Security reported research from Sophos which found that recovery costs double when ransomware victims pay up to stop an infection. The Daily Swig has a story about Tycoon, a new Java-based ransomware targeting educational institutions and IT firms. Meanwhile, Bleeping Computer reported that ransomware gangs, including Maze operators, are now sharing tactics and intelligence, cartel-style.

The lack of women in cybersecurity harms efforts to reduce online risk

Gender disparity in the cybersecurity profession harms diversity and leads to increased risk. That’s the conclusion of Nir Kshetri, Professor of Management at UNC Greensboro. In a well argued, thoroughly researched article in The Conversation, Prof Kshetri found that women are highly underrepresented in cybersecurity. The problem worsens in senior management positions. 

“In my research, I have found that internet security requires strategies beyond technical solutions. Women’s representation is important because women tend to offer viewpoints and perspectives that are different from men’s, and these underrepresented perspectives are critical in addressing cyber risks,” he wrote. His article also includes ways that the industry can start attracting more women to work in the cybersecurity field. “Boosting women’s involvement in information security makes both security and business sense. Female leaders in this area tend to prioritise important areas that males often overlook.”

Links we liked

The top 10 list of most routinely exploited bugs, as compiled by CISA and the FBI. MORE
 
GitHub shares how it detected and responded to the Octopus Scanner attack. MORE
 
Covid-19 has contributed to ‘record-breaking’ criminality. MORE
 
The security sector has experienced a boom in investments this year. MORE

Tips for creating a cyber-secure home. MORE
 
Internet security group Shadowserver will keep going after finding a new sponsor. MORE
 
SANS walks through an analysis of a LinkedIn phishing message. MORE
 
A look across two decades at how the language of security has evolved. MORE
 
Confessions of Marcus Hutchins, the hacker who saved the internet. MORE
 
Shodan’s founder talks IoT security and dual-purpose hacking tools. MORE

Have you signed up to our monthly newsletter? Every month we send out the latest cybersecurity and data protection news, trends and advice from around the globe. Sign up here