Curated advice, guidance, learning and trends in security and privacy, as chosen by our consultants.
Follow the money: financial motives figure highly in breaches, finds Verizon DBIR
Not even a pandemic could stop the publication of the 2020 Verizon Data Breach Investigations Report, widely respected as an independent source of security information. Some highlights from this year: 86 per cent of breaches were financially motivated, up from 71 per cent in 2019. External attackers were a much bigger security threat than insiders, causing 70 per cent of breaches (a finding that flies in the face of much ‘insider threat’ commentary). The 119-page report has further analysis by industry sector and geography.
Good writeups abound. CyberScoop led with the money angle. ZDNet focused on the finding that misconfigured cloud storage can open small businesses up to attacks. Verizon’s report is free online or as a PDF, with an executive summary to share or pass up the chain. As Brian Honan noted in the SANS newsletter, the report gives valuable insights into how to defend systems and networks.
No letup for ransomware during lockdown
Ransomware continues to spread, but our understanding of how the threat is evolving is also improving. It was the cause of more than a quarter of all recorded security incidents in the 2020 DBIR (above). FireEye produced a strong analysis of the Maze ransomware, which affected victims in multiple industries across Europe and the US. Its report looks at the most common routes of infection, which were email phishing and the exploitation of unpatched systems, and gives tips on how to mitigate an attack.
In other ransomware news – and there was plenty of it recently – McAfee reposted a useful explainer on RDP security given recent ransomware attacks using that vector. Helpnet Security reported research from Sophos which found that recovery costs double when ransomware victims pay up to stop an infection. The Daily Swig has a story about Tycoon, a new Java-based ransomware targeting educational institutions and IT firms. Meanwhile, Bleeping Computer reported that ransomware gangs, including Maze operators, are now sharing tactics and intelligence, cartel-style.
The lack of women in cybersecurity harms efforts to reduce online risk
Gender disparity in the cybersecurity profession harms diversity and leads to increased risk. That’s the conclusion of Nir Kshetri, Professor of Management at UNC Greensboro. In a well-argued, thoroughly researched article in The Conversation, Prof Kshetri found that women are highly underrepresented in cybersecurity, and that the problem worsens in senior management positions.
“In my research, I have found that internet security requires strategies beyond technical solutions. Women’s representation is important because women tend to offer viewpoints and perspectives that are different from men’s, and these underrepresented perspectives are critical in addressing cyber risks,” he wrote. His article also includes ways that the industry can start attracting more women to work in the cybersecurity field. “Boosting women’s involvement in information security makes both security and business sense. Female leaders in this area tend to prioritise important areas that males often overlook.”