[From the desk of Paul G Davis – his opinion and no-one else’s, apart from those of the authors of the articles.]
And so, now the news
* How Cybercrime Has Changed (Infographic)
* The modern look of a utility’s chief security officer
* Cyber security slated to become standalone practice
* Google Ramps Up Fight Against Deceptive Software Installations, Aims For ‘Clean Software’ Industry Standards
* This Software Is So Sleazy Google Calls It ‘Ooze’
* The advanced security techniques of criminal hackers
* How to Use Dungeons and Dragons for Security Training
* Solving the IT skills crisis: the five skills businesses need IT to master
* Dry Lightning Cracks against the Cloud: The Rise of the Advanced Persistent DoS (APDoS)
* 58% of orgs have no controls in place to prevent insider threats
* The four cybersecurity terms everyone is talking about at Black Hat
* Obama officials seek industry input on revising cyber-incident response strategy
How Cybercrime Has Changed (Infographic)
An infographic from security firm BTB Security shows how many more breaches and incidents of identity theft there were in 2015 than in 2005.
As a result, 190 million consumers were compromised last year, compared to only 44.2 million ten years earlier.
Check out the infographic below to see how much these online attacks are costing businesses, then make sure you have a secure password.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ae85795ae9&e=20056c7556
The modern look of a utility’s chief security officer
The senior security professional, typically at the vice president or director level, now has direct access to the CEO and company boards of trustees, often to supply situational awareness of physical and cybersecurity issues.
The CSO should have the ability to mold or shape policy from the boardroom or from the senior staff meeting.
The good news for CSOs is that more board-level visibility can lead to more investment in security.
Even the best CSO, however, cannot be successful without backing from senior executives.
So, what makes a CSO worth their weight in gold?
The duties of the CSO have dramatically changed with the introduction of targeting electric infrastructure for attack, the advancement and reliance on cyber systems, and the job of ensuring compliance with the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards.
Likely the biggest responsibility is to create and foster a program that helps manage reputational risk.
A security event at a company, whether physical or cyber, can quickly ruin any good standing in the community or industry.
Whatever the range of duties, the security department’s prime mission must always align with the company’s.
That means being a trusted partner.
The modern CSO is business savvy and fully understands the impact that security has with respect to “keeping the lights on”, business resiliency, reputational risk, and regulatory compliance.
Today’s CSO must be an educator rather than an enforcer as he or she must be able to re-frame the security conversation away from mere loss avoidance and towards competitive advantage, efficiency, and risk reduction.
The CSO must be technically adept, with an intuitive understanding of a company’s assets, how attackers might penetrate them, and how to defend against attacks.
And because no company, no matter how invested it is in security, is fully immune from physical threats, the CSO must also understand how to deter, detect, and mitigate the attacks that do occur.
The required skills for this position have matured and evolved over the past decade.
Former law enforcement officers continue to be the logical first pick for many utilities.
However, very few investigations, domestic violence episodes, drug cases, or traffic violations occur at a utility.
Former military personnel remain an effective alternative, especially those with an antiterrorism and force protection background, but often times lack advanced degrees or corporate experience.
The biggest mistake that CSOs make is when they become complacent and think they’ve solved the problem they are facing.
In this business, you’ve never solved the problem.
Instead, great CSOs are always scanning the horizon: They consider what mistakes they may be making and learn from the mistakes that others in their position make.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b4980927d1&e=20056c7556
Cyber security slated to become standalone practice
The rapidly increasing level and complexity of cyber security work conducted by lawyers, coupled with the introduction of mandatory data breach notification, could see cyber security become a standalone practice area, according to a partner.
For a long time, privacy law in Australia has been focused on the Australian Privacy Principles and their predecessor, the National Privacy Principles, meaning a lot of legal work around privacy was relatively simple, according to Mr Salter.
Another factor that may contribute to the increase of cyber security-related work is the introduction of mandatory data breach notification legislation in Australia.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0c72c159fa&e=20056c7556
Google Ramps Up Fight Against Deceptive Software Installations, Aims For ‘Clean Software’ Industry Standards
Google’s Safe Browsing service, used by Chrome, Firefox, and Safari, generates 60 million monthly warnings to users about deceptive software installations.
This is three times more than the number of warnings shown by the service for malware.
Google and New York University (NYU) performed a study on all types of deceptive software and ads out there in order to better identify how to fight against them.
Over the course of a year, Google and NYU discovered that four of the largest pay-per-install (PPI) advertising networks routinely distributed unwanted ad injectors, browser settings hijackers, and scareware flagged by over 30 antivirus engines.
These bundles were promoted through fake software updates, phony content lockers, and spoofed brands.
All of these methods were being discussed openly on underground forums.
Google and NYU determined that there are three parties that enable the pay-per-install distribution model: advertisers, affiliate networks and publishers.
Beyond that, the company is also trying to work with other stakeholders in the industry, including anti-virus companies and bundling platforms, to distribute “clean software.” The initiative aims to create industry-wide standards that give users clear choices when installing software, while at the same time blocking deceptive ads.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f9ca5b9976&e=20056c7556
This Software Is So Sleazy Google Calls It ‘Ooze’
What qualifies as ooze?
Generally, any software that deceives people into downloading it.
Ooze can include ad injectors that cram unwanted ads onto webpages, browser setting hijackers that change the defaults on a person’s web browser (for instance, by making a hijacker’s preferred search engine the standard), or “scareware” that urges a person to install it to “clean up” his or her computer.
In the shadier parts of what’s known as the “pay per install” economy, software developers make money by bundling applications with other objectionable software, leading to the ooze epidemic, the researchers note.
The incentives reward deception aimed at maximizing downloads, regardless of the consumer experience or outcome. (What separates this from the “blackmarket” variety is that it asks for user consent, albeit often underhandedly.)
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=28016fbf33&e=20056c7556
The advanced security techniques of criminal hackers
I spoke with Rick Holland, former Forrester analyst and VP of strategy at Digital Shadows, at Black Hat about the security tools and techniques currently in use by cybercriminals.
What Holland had to say was both illuminating and, when considering the business of cybercrime, not entirely unfamiliar.
“Opsec is a really good topic to be talking about in Vegas [Black Hat conference].
A lot of the things individuals are doing here, some of that applies to the bad guys,” Holland says.
A term from the military world, “opsec” refers to tactics used to protect privacy and anonymity.
The irony is that criminals rely on many of the same tools that defenders and internet users on the good side adopt to stay secure online — tools such as Tor and VPNs for network connectivity, bulletproof hosting, and Jabber and OTR protocol for online chats, according to Holland.
Snowden popularized Tails, the Linux distribution for the paranoid, Holland adds.
Defenders can capitalize on weak attacker opsec to gain insights into the people, process, and technology the attackers are using.
Lapses in opsec give defenders the clue they need to stop the attack.
In the new world where everything is online, any break is helpful.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e0f085b529&e=20056c7556
How to Use Dungeons and Dragons for Security Training
A Black Hat talk by Tiphaine Romand Latapie, Research Team Lead for Airbus Group Innovation, suggested a very novel approach to security training.
“I’m going to talk to you about the role-playing game I designed to teach people who don’t know anything about security,” said Ms. Latapie. “At first, I designed this just for me, to make my job easier, to train my coworkers.
I tested it on my family, friends, and coworkers, including project managers, top managers, retail, customer support, and call centers.”
“I looked at all the trainings available,” she said. “Most are technical trainings.
Let’s train them without talking about the technical aspects.
Their misunderstandings are not technical.” She pointed out that neophytes do just fine with physical security.
They close the door in the morning.
They have insurance for their property. “I’m going to use that knowledge to teach them computer security,” said Latapie. “It will be different from other trainings.
I’m convinced people learn better when they’re having fun.
I want them to think for themselves, so a role-playing game seemed really good to me.”
Latapie proceeded to lay out the RPG process. “You need one meeting room and a paperboard or drawing board,” she said. “It’s an old-fashioned paper game, not a video game.
It’s for four to eight people, on two teams, for 90 to 120 minutes.
You don’t need dice, or a dragon.
I’m very sorry about that.
The gamesmaster conducts the game scenario for 30-45 minutes and then debriefs the teams.”
Here’s how it works.
There’s a big skyscraper in a busy city with an important object inside, something that would just fit in a backpack.
The attacking team attempts to steal the object, while the defenders prevent the theft.
Both have unlimited budget, but their in-game actions must hew to the laws of physics.
In addition, the defenders must obey the law.
Once the gamesmaster declares the game over, the debriefing begins. “How do you make it infosec?
You go back to the minutes and show how each thing they said relates to security,” said Latapie. “They say they’ll add a badge reader, and you translate that to access control.
They say they’ll use facial recognition, and you talk about biometrics.
The attackers propose to black out the building’s electricity, and you tell them about denial of service attacks.”
Latapie offered tips for a successful scenario, such as asking who wants to be on the attacking team. “You don’t want shy attackers,” she said, “and you can switch the teams if you need to.
You’re the gamesmaster; you are the rules.” She noted that the game doesn’t work well on security people. “They go too far too fast.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=bf674a6f54&e=20056c7556
Solving the IT skills crisis: the five skills businesses need IT to master
Nigel Hawthorn discusses the IT skills crisis and the five skills that will become vital to businesses operating in the cloud
Here are five skills that businesses will need IT to master to keep sensitive data secure:
1) Incident response management
2) Communication with non-IT departments and executives
3) Analysis expertise with very large datasets
4) Ability to write code and application development experience
5) Security certifications
Ultimately, if IT is expected to drive innovation and growth, it requires individuals with the relevant abilities.
IT managers may already be complaining about the lack of skills within their teams, but the situation is only going to be exacerbated if the required steps aren’t taken now.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3d1d71b841&e=20056c7556
Dry Lightning Cracks against the Cloud: The Rise of the Advanced Persistent DoS (APDoS)
Wikipedia defines APDoS as:
“APDoS is more likely to be perpetrated by actors who are well resourced, exceptionally skilled and have access to substantial commercial grade computer resources and capacity.
APDoS attacks represent a clear and emerging threat needing specialised monitoring and incident response services and the defensive capabilities of specialised DDoS mitigation service providers.
This type of attack involves massive network layer DDoS attacks through to focused application layer (HTTP) floods, followed by repeated (at varying intervals) SQLI and XSS attacks.
Typically, the perpetrators can simultaneously use from 2 to 5 attack vectors involving up to several tens of millions of requests per second, often accompanied by large SYN floods that can not only attack the victim but also any service provider implementing any sort of managed DDoS mitigation capability.
These attacks can persist for several weeks.”
Now, if you digest this and take a look at the types of attacks, it’s clear that APDoS would require a lot of varied technology to stop the nature of network floods, HTTP application-level DDoS and encrypted threats.
Moreover, in the case of Protonmail, we are now seeing the problem manifest to SMTP attacks (somewhat new vector) and secure-SMTP such as TLS over SMTP.
Many companies who have procured DDoS solutions have no thought about the threat from a broader spectrum such as SMTP or FTP and secure variants such as those.
The task is clearly daunting and real.
As the next generation of DDoS threats emerge we must be very diligent and proactive.
I believe that companies need to rise above the normal corporate culture of security controls and become obsessive about removing risks and compulsive about action.
After all, these organizations may literally be holding life and death decisions in their hands – and this makes their actions rather profound and very unique.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a0302fccc4&e=20056c7556
58% of orgs have no controls in place to prevent insider threats
More than half of organizations (58 percent) still lack the appropriate controls to prevent insider attacks, with just under half (44 percent) unaware if their organization has experienced an insider attack at all, according to a new survey of more than 500 cybersecurity professionals.
The Insider Threat Spotlight Report also found that nearly half of those surveyed have seen an increase in insider attacks over the last 12 months.
Inadvertent data breaches (71 percent) top the list of insider threats companies care most about.
Negligent data (68 percent) and malicious data (61 percent) breaches come in a close second and third.
The biggest threat comes from privileged users, such as managers, with access to sensitive information, with 67 percent believing that the fact insiders have credentialed access makes insider attacks more difficult to prevent.
According to the survey, the endpoint is the most common launching point for an insider attack—by a wide margin (58 percent more than the next most common launching point: mobile devices).
Tracking file movement across the network is a critical component of a data security strategy, according to 75 percent of respondents, with 57 percent naming databases as the most vulnerable asset to an inside attack.
Survey respondents also named three barriers to better insider threat management:
– Lack of training and expertise (60 percent)
– Insufficient budgets (50 percent)
– Lack of collaboration between departments (48 percent).
Notably, lack of collaboration is the barrier with the highest gain since the previous survey, moving up 10 percentage points.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=00c8e57e98&e=20056c7556
The four cybersecurity terms everyone is talking about at Black Hat
Here are four cybersecurity terms that are rooting many conversations, both on the expo floor and among experts and analysts in the briefing rooms:
– Behavior Baselining
– Active Response
– Security Analytics
– Public Key Cryptography
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=78826819ee&e=20056c7556
Obama officials seek industry input on revising cyber-incident response strategy
Several of the Obama administration’s top officials on cybersecurity policy are urging industry leaders to get involved in revising the government’s strategy for responding to major cyber attacks, noting that drafting of the new plan has already begun and that a proposed version will be out for public comment as early as September.
The revised cyber-response plan is being developed under Presidential Policy Directive 41 issued last week to address “significant incidents,” a point that was stressed by White House…
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e307a95513&e=20056c7556
* Best practices in cyber vulnerability assessment
* Are Healthcare CISOs Suffering from Cybersecurity Solution Fatigue? An Expert Probes Some of the Issues
* Will Faster Payments Mean Faster Fraud?
* Accenture : Data theft, malware infection big threat to digital businesses
* Ponemon Institute: External Cyber Attacks Cost Enterprises $3.5M/year, 79% of Businesses Lack Comprehensive Strategies to Manage these Risks
* 2016 Malware Levels Now Stand at Nearly Four Times 2015 Totals
* Twitter Hacking and Social Media’s Risk to Executive Security
* Beyond Data: Why CISOs Must Pay Attention To Physical Security
* $2.7 Million HIPAA Penalty for Two Smaller Breaches
* Using compliance as a tool for change
* In the Breach War, File Protection Is Just as Important as Data
* Data security and breach notification in Finland
* ISO compliance in the cloud: Why should you care, and what do you need to know?
* Federal Privacy Commissioner Provides Submission on New Data Breach Notification and Reporting Regulations
* Breach notification reporting can be complicated without proper skills, tools
* Banks must do better on cyber security: KPMG
* Australia gets one-quarter of a minister for national infosec
* The Case for Continuous Security Monitoring
* Arbor Networks Releases Global DDoS Attack Data for 1H 2016
* 5 Best Practices for Outsourcing Cybersecurity
* Most CISOs and CIOs need better resources to mitigate threats
Best practices in cyber vulnerability assessment
Here are the best practices for cyber vulnerability assessment.
First and foremost you should have a very clear understanding of why you need a cyber vulnerability assessment.
Research other companies in your industry.
To know exactly which parts of your business structure need an assessment, you need to research your company’s processes with a focus on the systems that are critical to keeping your business running.
Once you’ve identified the systems that need an assessment, you should rank them according to both their importance to your overall business model and to the sensitivity of the information they contain.
Now that you know exactly which systems and software need an assessment and how they rank in terms of priority, you should make sure you’re aware of the security systems you already have in place.
If you’ve completely mapped out both your vulnerabilities and your already-in-place security, and your inter-departmental security task force is in agreement on what’s needed, you’re ready to perform your vulnerability scans.
If you did your homework on what you needed to assess and also on the vulnerability assessment tool you chose, then you should fully trust the results of your cyber vulnerability assessment and act on them.
Don’t wait.
Don’t second guess.
The assessment will produce recommendations for remediation that you should act on right now.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=28bcaef55c&e=20056c7556
Are Healthcare CISOs Suffering from Cybersecurity Solution Fatigue? An Expert Probes Some of the Issues
A recent Institute for Critical Infrastructure Technology report provided some intriguing thoughts about the pressure facing chief information security officers (CISOs) to keep their organizations secure and how they are combating information and vendor solution overload.
“Due to the plague of APTs, malware, ransomware and other malicious initiatives by invisible adversaries, few C-level executive positions are as critical as the CISO,” Scott writes.
In a recent report, James Scott, a senior fellow at the Institute for Critical Infrastructure Technology (ICIT), a Washington, D.C.-based cybersecurity think tank, points out that a well-informed CISO can improve the engagement of the C-suite and improve the cyber posture of the organization.
While the report offers a cross-industry perspective of the CISO role and the challenge of vendor solution overload, the report author does spend moments focusing on healthcare organizations, specifically in a section detailing how CISOs can assess the return on investment of cybersecurity solutions.
The report provides an interesting perspective about the need for CISOs to ignore the hype surrounding “silver bullet” solutions in order to find the most effective cybersecurity solutions and strategies for their particular organizations, but at the same time, the report author also highlights the part that the vendor community plays in this problem.
“In many cases, CISOs operate under the unrealistic expectation that they should be able to prevent every breach with a finite budget.
They are expected to have enough technical expertise to develop a strategy to protect the business and enough business acumen to convince the board to adopt that strategy because it aligns with the goals of the organization,” he writes.
And, he asserts that modern CISOs tend to function more as Chief Information Risk Officers, managing the risk to data and technology.
According to the ICIT report, there is rapid burnout among CISOs, as the average turnover rate is 17 months.
“Vendor attempts to offer silver bullet solutions undermine the community at large and poison the vendor-customer relationship.
The culture promoting these inadequate solutions distracts CISOs, technical personnel and solution developers from the risks and threats in the threat landscape and it distracts them from designing the right solutions to address the market needs.”
In the report, the author offers strategic recommendations for calculating a cybersecurity solution’s ROI and uses a healthcare organization as an example.
The ROI of security solutions can be equated to the fiscal component of the impact that the organization would assume if an adversary exploited the vulnerability that the solution addresses, the author writes.
The report concludes with statistics sourced from the Economist Intelligence Unit that indicate proactive CISO-led strategies can cut the success rate of cyber-breaches by more than 50 percent, hacking successes by 60 percent and ransomware infections by 47 percent.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=838c018415&e=20056c7556
Will Faster Payments Mean Faster Fraud?
Crowe contends that to ensure global payments interoperability, faster payments are a necessity.
The U.S. will soon be at a competitive disadvantage if it does not enable faster payments, she argues.
Parry says the most fundamental risk to payments is poor identity management.
And it’s a legitimate concern.
After all, poor identity management apparently enabled hackers to steal $81 million from the central bank of Bangladesh in February, as part of a fraudulent transaction that was approved by the Federal Reserve Bank of New York.
And in a real-time or near-real-time environment, once the money is gone, it’s gone.
Unlike in the United Kingdom, Australia and other economically advanced parts of the world, faster payments are not the norm in the U.S.
Crowe declined to touch the interchange issue. “Cost is not the No. 1 worry for the Fed when it comes to faster payments,” she noted during the summit.
The top concern, she says, is “a faster process that is still secure for business.”
The Secure Payments Task Force’s goals differ from the goals of the Faster Payments Task Force.
And the Secure Payments Task Force has identified four areas that must be addressed to ensure the ongoing security of the payments system in the U.S. going forward.
Faster payments will be part of that, but not all.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=dc1567f2ea&e=20056c7556
Accenture : Data theft, malware infection big threat to digital businesses
The new report from Accenture and HfS Research says that 69 percent of respondents experienced an attempted or successful theft or corruption of data by insiders during the prior 12 months, with media and technology organizations reporting the highest rate (77 percent).
This insider risk will continue to be an issue, with security professionals’ concerns over insider theft of corporate information alone rising by nearly two-thirds over the coming 12 to 18 months.
The survey, “The State of Cyber security and Digital Trust 2016”, was conducted by HfS Research on behalf of Accenture.
More than 200 C-level security executives and other IT professionals were polled across a range of geographies and vertical industry sectors.
The survey examined the current and future state of cyber security within the enterprise and the recommended steps to enable digital trust throughout the extended ecosystem.
The findings indicate that there are significant gaps between talent supply and demand, a disconnect between security teams and management expectations, and considerable disparity between budget needs and actual budget realities.
Despite having advanced technology solutions, nearly half of all respondents (48 percent) indicate they are either strongly or critically concerned about insider data theft and malware infections (42 percent) in the next 12 to 18 months.
When asked about current funding and staffing levels some 42 percent of respondents said they need more budget for hiring cyber security professionals and for training.
More than half (54 percent) of respondents also indicated that their current employees are underprepared to prevent security breaches and the numbers are only slightly better when it comes to detecting (47 percent) and responding (45 percent) to incidents.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5d409f726c&e=20056c7556
Ponemon Institute: External Cyber Attacks Cost Enterprises $3.5M/year, 79% of Businesses Lack Comprehensive Strategies to Manage these Risks
TORONTO–(BUSINESS WIRE)–Despite acute awareness of the millions of dollars in annual costs, and the business risks posed by external internet threats, security leaders highlight the lack of staff expertise and technology as a key reason that these attacks are unchecked, according to results from a new Ponemon Institute study sponsored by BrandProtect.
Seventy-nine percent of the IT and IT security practitioners polled indicated their defensive infrastructure to identify and mitigate those threats are either non-existent, ad hoc or inconsistently applied throughout the enterprise.
The findings reveal that the companies represented in this research averaged more than one cyber attack per month and incurred annual costs of approximately $3.5 million because of these attacks.
The report “Security Beyond the Traditional Perimeter,” sponsored by internet risk detection and mitigation expert BrandProtect, examined the threats, costs and responses of companies to external internet cyber attacks.
These threats include executive impersonations, social engineering exploits, and branded attacks arising outside a company’s traditional security perimeter.
Security professionals cited an acute need for expertise, technology, and external services to address their growing concerns about these external threats.
Some of the key findings include:
– Fifty-nine percent of respondents say the protection of intellectual property from external threats is essential or very important to the sustainability of their companies.
– External internet attacks are frequent and the financial costs of these attacks are significant.
Respondents in this study report they experienced an average of 32 material cyber attacks or slightly more than one per month, costing their companies an average $3.5 million annually.
– Seventy-nine percent of respondents described their security processes for internet and social media monitoring as non-existent (38 percent), ad hoc (23 percent) or inconsistently applied throughout the enterprise (18 percent).
– Sixty-four percent of security leaders (directors or higher) feel that they lack the tools and resources they need to monitor, sixty-two percent lack the tools and resources they need to analyze and understand, and sixty-eight percent lack the tools and resources they need to mitigate external threats.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ddcbb18977&e=20056c7556
2016 Malware Levels Now Stand at Nearly Four Times 2015 Totals
GULF BREEZE, Fla., July 19, 2016 (GLOBE NEWSWIRE) — via PRWEB – Necurs is back with a vengeance, according to the security research team at AppRiver.
In its Q2 Global Security Report, the company notes that the infamous botnet’s return was one of the major reasons behind the escalation in malware activity–which clocked in at 4.2 billion malicious emails and 3.35 billion spam emails between April 1, 2016, and June 30, 2016.
For the first time, the report also includes metrics from Web-borne threats, reporting an average of 43 million unique threats daily throughout the second quarter.
AppRiver’s security analyst team quarantined 4.2 billion emails containing malware in Q2, pointing to a continued increase in malware traffic this year and resulting in a total of 6.6 billion emails quarantined during the first half of 2016.
For comparison, analysts observed 1.7 billion emails containing malware during all of 2015.
Ransomware levels, as predicted in the Q1 Global Security Report, have increased this quarter–and arguably pose the greatest threat to netizens.
AppRiver’s security researchers predict that the massive volume of malware isn’t likely to subside anytime soon.
With the likes of Locky and Zepto kidnapping users’ files until they pay a ransom, malware–especially ransomware–has become a business of its own.
The popular channels that malware, like ransomware, travel through include obfuscated JavaScript, malicious macros, and OLEs (Object Linking and Embedding).
Fifty-five percent of spam and malware traffic originated in North America, with Europe coming in second place.
Additionally, AppRiver’s SecureSurf™ Web filtering detected a spike in phishing attempts in June.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=35665b2aeb&e=20056c7556
Twitter Hacking and Social Media’s Risk to Executive Security
The use of social media as a means for targeting victims – whether through phishing or social engineering scams – is nothing new.
However, i