• Latest
  • Trending
Data Protection When Cyber-Attacks Are Rife

Data Protection When Cyber-Attacks Are Rife

December 27, 2021
Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022
WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

May 20, 2022
Huawei and SolarEdge Sign a Global Patent License Agreement

Huawei and SolarEdge Sign a Global Patent License Agreement

May 20, 2022
Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

May 20, 2022
Ghana Smart Africa Digital Academy launches its national digital academy

Ghana Smart Africa Digital Academy launches its national digital academy

May 20, 2022
Ghana’s Rural Telecom Facilities to be Upgraded to 4G

Ghana’s Rural Telecom Facilities to be Upgraded to 4G

May 20, 2022
Silicon Power Announces UD90 PCIe 4.0 SSD

Silicon Power Announces UD90 PCIe 4.0 SSD

May 20, 2022
ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

May 20, 2022
Samsung Sampling 512GB CXL Memory Module

Samsung Sampling 512GB CXL Memory Module

May 20, 2022
IBM Elastic Storage System 3500

IBM Elastic Storage System 3500

May 20, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Sunday, 22 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Data Protection When Cyber-Attacks Are Rife

by ITECHNEWS
December 27, 2021
in Leading Stories, Opinion
0 0
0
Data Protection When Cyber-Attacks Are Rife

The Colonial Pipeline incident in May illustrates just how disruptive a successful ransomware attack can be. Even though the ransom – the equivalent of approximately $5m in Bitcoin – was paid, many schools, medical centers and communities were severely impacted before operations could be restored.

 

YOU MAY ALSO LIKE

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

Sadly, ransomware is just the end of the attack chain. According to the Verizon 2021 Data Breach Investigations Report, 85% of breaches involve a human element, like phishing. Yet, too many people view phishing as an exclusively email issue. Hackers have moved beyond this to embrace smishing (text), vishing (phone) and social networking sites to exploit the weakest link in the cybersecurity chain – the human operator.

 

Given the rapid convergence of employees’ work and personal lives due to the COVID-19 pandemic, LinkedIn has become an especially attractive infection vector. It is easy to create a fake profile and target people. Such is its appeal that many nation-state actors are using LinkedIn and other social networks to propagate attacks. This was the case earlier this year when Google discovered a largescale cyber-attack that originated out of North Korea. It used fake blogs, email accounts and fake social media profiles to trick victims.

 

Countless Attack Paths

 

Phishing has also infiltrated ads, search engines, browser extensions and chat apps. The payloads include rogue browsers, scareware, fake virus alerts, banking fraud and more. HTML phishing can be delivered straight into browsers and apps. Essentially, phishing can bypass traditional defenses with more than an 80% success rate.

 

Hackers have also used legitimate infrastructure like Google, Dropbox or SharePoint to spread phishing attacks. Organizations have these services whitelisted, so having a phishing page hosted on the legitimate infrastructure becomes easy.

 

People erroneously assume that if a domain looks legitimate, the site can be trusted and safe to access. Unfortunately, most security training focuses on helping users identify phishing emails and neglects to teach employees what to watch for when it comes to other communication channels like text, phone calls and social network sites.

 

Trust No One

 

With many organizations still relying on traditional anti-virus and firewall defensive solutions, successful phishing has become easy. Teaching users about the threats and not to trust anything regardless of its source is part of a solution. Even then, we are only human, and the risk of a breach occurring increases daily.

 

This does not mean it is not essential to continue training employees to identify the signs of malware through phishing or other means. But this is not a silver bullet and must be done continuously as new threats emerge.

 

Bad actors have more tools available to them that they can easily combine with automation and legitimate infrastructure. This enables them to quickly spin up attacks inside Azure, Google or AWS. These can correlate user behavioral information on the dark web and become very targeted to specific individuals.

 

The best way to combat this is to fight machines with machines. But, unfortunately, the human resources and hours required to defend against these automated attacks are virtually impossible to meet – and attacks move too fast for human forensics to catch and protect against.

 

Follow Best Practices

 

Best practice begins with ensuring the organization has up-to-date host-based firewalls and other protections such as endpoint security products in place. This is especially important in a distributed working environment where people are using their personal devices. In addition, it is imperative to keep operating systems and applications current and updated on all computers and devices.

 

An anti-phishing solution that protects against all forms of human hacking becomes fundamental and an increasingly sophisticated defensive posture. It can perform analysis of cyber-attacks at a device level, so the data is not transferred back to the organizational network. This protects users’ privacy regarding their personal activity and introduces an additional safeguard not to have potential malicious data enter the company environment.

 

As mentioned, regular user training about cybersecurity, especially when new attack methods are being discovered so frequently, is critical. In addition, employees need to understand their personal risk as well as the risk to the organization.

 

Finally, if a cybersecurity event is detected, teams should work together quickly and thoroughly to understand the breadth and depth of the impact and begin the process of recovery. Communication is key – partners, oversight organizations, customers, investors and other stakeholders must be informed as soon as a breach has been identified and what the recovery plan will entail. There is nothing to be gained by keeping a security event quiet. Once the threat is isolated and the business has recovered data and assets, it must use the learnings to update policies and procedures to prepare them better.

Source: Patrick Harr CEO, SlashNext
Tags: cyber-attacksData Protection
ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022

Recent News

  • Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1 May 20, 2022
  • HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs May 20, 2022
  • Android 13 beta will test out-of-the-box support for most braille displays May 20, 2022
  • WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses May 20, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version