Articles about Cybercrime

The average cost of a cyberattack is now estimated at $1.1 million, according to a new report from cybersecurity company Radware. For organizations that calculate rather than estimate the cost of an attack, that number increases to $1.67M.

The main impact of cyberattacks, as reported by respondents, is operational/productivity loss (54 percent), followed by negative customer experience (43 percent). What’s more, almost half (45 percent) report that the goal of the attacks they suffered was service disruption. Another third (35 percent) say the goal was data theft.

Continue reading →

Americans are more worried about a cyberattack disrupting the financial and banking system than attacks against hospital/emergency services, voting systems or power grid/energy supply companies.

This is among the findings of a survey by ESET to mark National Critical Infrastructure Security and Resilience Month, which surveyed 1,500 Americans to discover their views on critical infrastructure attacks.

Continue reading →

An anti-fraud operation led by the FBI has succeeded in disrupting a scam that has seen cybercriminals using botnets to manipulate internet traffic from 1.7 million IP addresses and generate nearly 30 million dollars in fraudulent ad revenue.

The ad fraud ring, known as '3ve' had been operating for a number of years and built two different botnets by spreading Kovter and Boaxxe malware to individuals through spam emails and drive-by downloads.

Continue reading →

The world has a number of less-than-bright criminals, from those who become stuck in their exit route (think vent pipes and the like), to those who get caught through use of a stolen device. Facebook has even led to a few arrests of people who bragged or posted the video evidence online.

Although this story is courtesy of Facebook, one alleged criminal took an interesting approach to outing himself. While the whole situation is sad for the victim, the end is shocking.

Continue reading →

After a relatively quiet first half of the year, cyberattacks have come back with a bang in the third quarter according to the latest report from Malwarebytes.

Businesses seem to have become the main focus of attacks, experiencing more cybercriminal activity this quarter, with detections up by 55 percent, while consumer detections increased by only four percent over the last quarter.

Continue reading →

While the majority of cyberattacks are aimed at businesses and other organizations, an increasing number are targeting ordinary users, according to the latest report from Positive Technologies.

The most attractive targets were personal data (30 percent) and credentials (22 percent), especially for online banking. To steal this data, attackers compromised a wide range of websites, including web stores, ticket vendors, and hotel booking services.

Continue reading →

Industry increasingly relies on automated systems for the control of processes, but a new report from Kaspersky Lab shows that 41.2 percent of industrial control systems (ICS) computers were attacked by malicious software at least once in the first half of this year.

Based on analysis of systems protected by Kaspersky Lab solutions, the data shows that in 2017, the percentage of ICS computers attacked was 36.61 in the first half of the year and 37.75 in the second half.

Continue reading →

According to the ESG brief: 2017 Cybersecurity Spending Trends, 45 percent of organizations claim to have a problematic shortage of cybersecurity skills. Another ESG report, The Life and Times of Cybersecurity Professionals, reveals that 27 percent of cybersecurity professionals say that the cybersecurity skills shortage has had a significant impact on their organizations.

Training a capable IT staff to keep their network secure and running amid a growing threat landscape is a business imperative. Here’s a look at what executives need to keep in mind to increase the security posture of their organization through cybersecurity training.

Continue reading →

We reported last week on a report highlighting how many security professionals are turning to a life of cybercrime.

In a follow up research piece, Wendy Zamora at Malwarebytes, has been looking at the psychology, motivations and other underlying factors that drive people to take part in cybercrime.

Continue reading →

The attractions and profitability of the digital underworld are leading some security practitioners to become 'gray hats' and get involved in cybercrime according to a new report from Malwarebytes.

The study carried out by Osterman Research finds that in the UK as many as one in 13 security professionals are perceived to be gray hats. Globally, mid-sized organizations (those with 500 to 999 employees) are getting squeezed the hardest, and this is where the skills shortage, and the allure of becoming a gray hat, may be greatest.

Continue reading →

IT security professionals are more than twice as worried about data breaches and cyberattacks today than they were this time last year according to two new reports.

The International Cyber Benchmarks Index and The Changing Face of Cyber Attacks, from the Neustar International Security Council (NISC), reveal the greatest threats as system compromises and ransomware, with 20 percent listing both as their primary concern

Continue reading →

Malware writers have been using a free market model to sell their wares for some time. The success of this approach is clear from new research by Positive Technologies that finds demand for malware creation on the dark web is three times greater than supply.

Demand for malware distribution is twice the supply. This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include malware-as-a-service and malware distribution-for-hire.

Continue reading →

Cyberattacks come in many forms and from many sources, but a new report from endpoint security company Carbon Black reveals an increasing number originate from nation states with espionage as their goal.

The findings show that 81 percent of incident response (IR) professionals say the majority of attacks come from Russia, while 76 percent say the majority come from China. These foreign actors are seeking more than just financial gain or theft -- 35 percent of IR professionals say the attackers' end goal is espionage.

Continue reading →

When usernames and passwords are exposed through a data breach or attack on users, criminals harvest these credentials and test them on a wide range of websites and mobile applications, a practice known as 'credential stuffing'.

A new report by security and anti-fraud specialist Shape Security looks at the lifecycle of stolen credentials and at the damage their use can cause.

Continue reading →

No business is immune from cyber attack, and smaller companies are often targeted as they lack the resources to put into first class protection.

A new survey by cybersecurity company Webroot of 600 IT decision makers (ITDMs) at small- to medium-sized businesses, finds that the attacks organizations believed themselves to be most susceptible to in 2017 are rapidly shifting in 2018, while businesses still feel underprepared.

Continue reading →