The number of data breaches hit a record high last year, and experts are particularly concerned about the increasing number of cyberattacks.
According to the 2021 Annual Data Breach Report published by the Identity Theft Resource Center (ITRC) on Monday, the overall number of data compromises (1,862) is up more than 68% compared to 2020 (1,108). Out of the 1,862 compromises, 1,600 were cyberattacks.
“The thing that probably concerns me the most is that not only was last year a record high for data compromises but that so many of them were cyberattacks. And particularly, they were the kind of cyberattacks that it’s very difficult for individuals to react to,” James E. Lee, the COO of ITRC, told ZDNet.
Lee said the previous all-time high for all data breaches for all causes was 1,500 back in 2017, so the fact that cyberattacks alone accounted for 1,600 compromises last year is a considerable concern for individuals and businesses alike.
“We’re talking about losing control over our data by another party, and there’s not very much a consumer can do to prevent that from happening,” he said. “To me, that is very concerning that we’ve now gotten to the point where we’ve got so many cyberattacks going on, it’s hard for an individual consumer to keep up.”
Another concern outlined in the report is the increasing number of ransomware attacks. Over the past two years, ransomware-related data breaches have doubled — from 83 in 2019 to 321 in 2021.
“If we continue on pace where we are right now, ransomware will become the number one root cause of data breaches by the end of 2022, surpassing phishing,” Lee said.
Even with the number of overall data compromises reaching an all-time high, the report revealed that the number of victims continues to decrease (down 5% in 2021 compared to 2020) as identity criminals focus more on specific data types than mass data acquisition. Lee said the reason is a shift from identity theft, or stealing someone’s data, to identity fraud, or committing some other crime or making money off that stolen data.
“People who are seeking data are being more sophisticated about it, their attacks are more complex, and then how they turn around and use that, how they monetize that, equally as sophisticated, equally as complex,” he said.
Lee said that the ITRC also found that fewer details are being published in breach notices, making it more difficult for businesses and consumers to figure out how to protect themselves or find out that a breach even occurred.
To help with this problem, the ITRC is introducing a free alert service for consumers within the next two months. The service will allow individuals to create a list of companies they interact with — whether that be their bank, mobile phone carrier, or credit card company — and receive email alerts from the ITRC when one of those organizations is breached, with a link to full details. In addition, Lee said the ITRC would introduce the same type of service for businesses, as a paid offering that would be even more robust.
Lee added that if people find out that they have been affected by a data breach this year, it doesn’t always mean the worst.
“The first thing to remember is a data breach does not mean your information is being misused; it just means it’s been exposed,” he said. “There’s no reason to panic just because you got a data breach notice. However, you do need to act on it.”
Consumers can take some steps if they receive a notification about a data breach, or even to prepare proactively for one: change their passwords frequently and make sure they are long and unique. Lee said it’s also important to freeze your credit if you get a data breach notification and get in the habit of using a multi-factor authentication app.
As far as the business side, Lee said training should be a huge priority for everyone in an organization.
“More than anything else, security has to be part of an organization’s culture,” he said. “You have to make it something that everybody understands that they have both a personal and a professional responsibility to help.”
I’ve been using Firefox for a very long time. Although it’s not currently set as my default web browser, whenever I need to do something that requires heightened security (such as sending banking or viewing sensitive information), I always turn to the open-source web browser. This is not to say that other […]
From the most basic ‘you’ve won a prize’ scams to the most advanced espionage campaigns, attacks targeting our inboxes are successful again and again. There’s a reason cyber criminals and hackers continue to send millions of phishing emails. Because, no matter whether you’re working from the office or working remotely from […]
Staff at organisations involved in the efforts to aid refugees from the conflict in Ukraine have been targeted by what security researchers describe as a likely state-sponsored phishing campaign that aims to deliver malware. Detailed by Proofpoint, it’s believed the attack exploited a compromised personal email account belonging to a member of the Ukrainian armed forces, which was then used to send targeted phishing attacks to European government workers tasked with managing transportation in Europe, as Ukrainian refugees flee the Russian invasion.
The aim of the attacks is likely to gain intelligence from within NATO member countries. Researchers have tentatively linked the campaign to a hacking group known as TA445, part of a wider operation known as UNC1151, which has previously been linked to the government of Belarus.
However, researchers also note that they’ve “not yet observed concrete technical overlaps which would allow us to definitively attribute this campaign”.
The initial phishing emails were detected on February 24, originating from a Ukrainian email address and sent to an undisclosed European government agency. The subject line references the emergency in Ukraine and includes an Excel file named “list of persons”, which contains the malicious macros. If the macros are enabled, the document will download and install malware. Dubbed SunSeed, the malware appears to be a downloader designed to deliver additional payloads.
It’s believed that the purpose of these attacks is to track individuals with responsibilities related to transportation, financial and budget allocation, administration, and population movement within Europe, potentially with the aim of gaining intelligence about movements of funds, supplies and people.
Researchers also note that TA445 has a history of pushing disinformation campaigns intended to generate anti-refugee sentiment and, if this phishing campaign is linked to the group, the information stolen could be abused to fuel similar operations.
Proofpoint’s analysis of this phishing campaign targeting refugee aid follows a warning by the Computer Emergency Response Team for Ukraine (CERT-UA) that phishing attacks – including those believed to be of Belarusian origin – are attempting to compromise targets in Ukraine. It’s believed the campaigns designed to target European governments and personnel involved in aiding refugees will continue as long as the war continues to displace people.
“This campaign represents an effort to target NATO entities with compromised Ukrainian military accounts during an active period of armed conflict between Russia, its proxies, and Ukraine. While the utilised techniques in this campaign are not ground-breaking individually, if deployed collectively, and during a high tempo conflict, they possess the capability to be quite effective,” Proofpoint researchers said in the blog post.
“Being aware of this threat and disclosing it publicly are paramount for cultivating awareness among targeted entities,” they added.
Several other phishing campaigns are also attempting to exploit the Russia-Ukraine war in what are likely attempts to steal passwords, financial information and other sensitive data, as well as potentially delivering malware. Microsoft has detailed a number of what are described as “opportunistic phishing campaigns” using tailored phishing campaigns related to Ukraine.
Ukraine faced several cyberattacks and malware campaigns in the run up to the Russian invasion, including wiper attacks targeting government networks and other organisations.
Equinix has confirmed that a scheduled system upgrade at one of its data centers in Singapore affected the operations of several customers, including two banks. It led to hours-long disruptions that left ATM and online banking services unavailable over the weekend. Also: Asian banks are a favorite target of cybercrooks, and malicious […]