• Latest
  • Trending
How Cybersecurity Awareness Shifted in 2021

How Cybersecurity Awareness Shifted in 2021

December 13, 2021
How to do Face Detection with Python?

How to do Face Detection with Python?

May 16, 2022
Fullstack Authentication with Remix using Prisma, MongoDB and Typescript

Fullstack Authentication with Remix using Prisma, MongoDB and Typescript

May 16, 2022
Hackers are exploiting critical bug in Zyxel firewalls and VPNs

Hackers are exploiting critical bug in Zyxel firewalls and VPNs

May 16, 2022
Fake Pixelmon NFT site infects you with password-stealing malware

Fake Pixelmon NFT site infects you with password-stealing malware

May 16, 2022
Microsoft fixes new PetitPotam Windows NTLM Relay attack vector

Microsoft fixes new PetitPotam Windows NTLM Relay attack vector

May 16, 2022
EU Agrees New Cybersecurity Legislation for Critical Services Organizations

EU Agrees New Cybersecurity Legislation for Critical Services Organizations

May 16, 2022
Apple releases iOS 15.5 RC, here’s the list of everything new

Apple releases iOS 15.5 RC, here’s the list of everything new

May 13, 2022
MSI Full AMD 300-Series Motherboard Compatibility for Zen 3

MSI Full AMD 300-Series Motherboard Compatibility for Zen 3

May 13, 2022
Gigabyte New Flagship AORUS 17X Gaming Laptop with Extreme Performance

Gigabyte New Flagship AORUS 17X Gaming Laptop with Extreme Performance

May 13, 2022
MediaTek Unveils New AIoT Platform Stack and Genio 1200 AIoT Chip

MediaTek Unveils New AIoT Platform Stack and Genio 1200 AIoT Chip

May 13, 2022
Oracle expands global network of industry innovation labs

Oracle expands global network of industry innovation labs

May 13, 2022
Google announces 30,000 scholarships under African developer scheme

Google announces 30,000 scholarships under African developer scheme

May 13, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 16 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

How Cybersecurity Awareness Shifted in 2021

by ITECHNEWS
December 13, 2021
in Opinion
0 0
0
How Cybersecurity Awareness Shifted in 2021

Cyberattacks Impacted Everyday Life

Cyberattacks are no longer an esoteric concept that Americans heard about but rarely experienced firsthand. In September, the Pearson Institute and the Associated Press-NORC Center for Public Affairs Research conducted a survey that found nine in 10 Americans were at least somewhat concerned about cyberattacks and about two-thirds stated they were “very” or “extremely” concerned. Significantly, these concerns cross political party lines. 

From the ransomware attack on the Colonial Pipeline that disrupted fuel deliveries in 12 states for several days to a similar attack on meat supplier JBS that caused grocery bills to spike, consumers were made starkly aware of the domino effect of cyberattacks on the companies they do business with.

YOU MAY ALSO LIKE

How to Protect Your Web Apps Using Anti-CSRF Tokens?

Always Be Modeling: How to Threat Model Effectively

Critical Infrastructure Security = National Security

Early in the year, an employee for the city of Oldsmar, Florida, reported a watering-hole attack which planted malware on the employee’s computer. This opened the door for a threat actor to compromise a water treatment plant’s network and attempt to poison the city’s water with lye. Thankfully, the intrusion was discovered in time to stop it, but the threat of similar attacks remains. In October, the U.S. Cybersecurity and Infrastructure Agency (CISA) issued an alert to water and wastewater utilities, warning of ongoing attempts by malicious actors to compromise both their IT and operational technology (OT) networks, systems and devices.

Water utilities aren’t the only critical infrastructure at risk. The year 2021 saw a spate of ransomware attacks against hospitals, state and local governments and municipal emergency services. These attacks don’t just cost organizations money; they put human health and lives at risk.

Mistakes Can be Just as Catastrophic as Malicious Attacks

Throughout 2021, cybercriminals, thwarted by improved technical security tools, increasingly turned to zero-day exploits and other vulnerabilities like mistakes made by end users or IT personnel. 

In August, dozens of organizations using Microsoft Power Apps, including multinational corporations and government agencies, inadvertently exposed 38 million records. Many of these records included personally identifiable information (PII) such as COVID-19 contact tracing data and job applicants’ Social Security numbers. The problem was with the Power Apps API, which, until quite recently, had been configured to “expose records for display” by default—unless IT personnel disabled it.

More recently, a server misconfiguration combined with a lack of network segmentation enabled cybercriminals to compromise streaming platform Twitch and leak 125GB of company data.

Supply Chain Attacks Put Everyone at Risk

Another method by which cybercriminals get around rigorous security controls at large organizations is to compromise a softer target further down the supply chain, then use this access as a backdoor into their ultimate target. This is an unfortunate side effect of modern, highly distributed data environments where even mid-sized companies typically have hundreds, sometimes thousands of third-party applications, systems and hardware in their IT ecosystems. 

Recently, the FBI issued an official warning to U.S. food and agricultural businesses about ransomware attacks within their supply chains, and Microsoft notified over 600 resellers and partners of its Azure cloud service to be on the lookout for “highly targeted attacks” by the same cybercrime group responsible for last year’s SolarWinds breach.

Considering that managed service providers, SaaS developers and other IT service providers have the same distributed data environments as their customers, supply chain attacks have a potentially massive scope.

Businesses Have as Much to Lose as Their Customers

Customer and employee PII aren’t the only digital assets cybercriminals are interested in compromising. Digital intellectual property (IP) and other confidential business information is just as valuable as Social Security numbers—and in many cases, even more so.

While creators’ login credentials and financial information weren’t exposed in the Twitch breach, their earnings on the platform dating back to 2019 were. However, Twitch arguably suffered far greater harm than its creators. Cybercriminals got away with a treasure trove of digital intellectual property including the entirety of Twitch’s source code with full commit history, internal red-teaming tools, proprietary SDKs and AWS services and more.

While some aspects of security awareness are evergreen—such as the dangers of clicking on links in unsolicited email—the threat environment is continually in flux, as is employees’ perception of cybersecurity issues. Security awareness training must be an ongoing process to remain effective.

By Security Boulevard

ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

How to do Face Detection with Python?

How to do Face Detection with Python?

May 16, 2022
Fullstack Authentication with Remix using Prisma, MongoDB and Typescript

Fullstack Authentication with Remix using Prisma, MongoDB and Typescript

May 16, 2022
Hackers are exploiting critical bug in Zyxel firewalls and VPNs

Hackers are exploiting critical bug in Zyxel firewalls and VPNs

May 16, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

How to do Face Detection with Python?

How to do Face Detection with Python?

May 16, 2022
Fullstack Authentication with Remix using Prisma, MongoDB and Typescript

Fullstack Authentication with Remix using Prisma, MongoDB and Typescript

May 16, 2022

Recent News

  • How to do Face Detection with Python? May 16, 2022
  • Fullstack Authentication with Remix using Prisma, MongoDB and Typescript May 16, 2022
  • Hackers are exploiting critical bug in Zyxel firewalls and VPNs May 16, 2022
  • Fake Pixelmon NFT site infects you with password-stealing malware May 16, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version