Subterms
Image: Getty Images Microsoft is telling customers to apply its latest updates to shield Exchange Server from hackers that keep targeting the platform to access corporate mailboxes and nab company address books for phishing. “Attackers looking to exploit unpatched Exchange servers are not going to go away,” Microsoft’s Exchange team warns in an update. “We […] More
Organisations in Australia, the US, and Singapore are amongst the top most likely to put a halt on their digital transformation initiatives due to cyberwarfare threats. Their counterparts in Japan are the least likely to pay in the event of a ransomware attack, joining government organisations as the sector least likely to do so as well. The Russia-Ukraine war has intensified the cyber threat landscape and impacted corporate decisions, with 55% of global organisations revealing they have stalled digital transformation projects due to cyberwarfare risks, according to findings from Armis’ State of Cyberwarfare and Trends report. The security vendor polled 6,021 IT and security professionals across 14 markets, including 501 respondents each in Singapore and Japan, and 511 in Australia. At 79%, Australian companies were the most likely to halt their digital transformation initiatives over cyberwarfare threats, followed by the US at 67%, Singapore at 63%, the UK at 57%, and Denmark at 56%. Some 40% of respondents in Australia saw more threat activities on their networks between May and October last year, compared to the previous six months, with 57% confirming their organisation had experienced a cybersecurity breach. “Many Australians have felt the effects of cyberwarfare first-hand through the ongoing fallout from the Optus and Medibank breaches,” said Armis’ ANZ partner business manager Evan Thomas. “Threat levels are increasing across the region and Australia is no exception, with resources that should be going into building businesses being diverted to tackle this situation instead.”Describing cyberwarfare as “the future of terrorism on steroids”, Armis’ CTO and co-founder Nadir Izrael said it provided a cost-effective and asymmetric method of attack, and businesses had to be constantly vigilant and invest resources to defend against such threats. “Clandestine cyberwarfare is rapidly becoming a thing of the past. We now see brazen cyberattacks by nation-states, often with the intent to gather intelligence, disrupt operations, or outright destroy data,” Izrael said. In Singapore, 60% of respondents admitted to experiencing a cybersecurity breach, while 36% saw more threat activities on their networks between May and October last year, compared to the previous six months. Organisations in healthcare and telecommunications saw the highest increase.Over in Japan, 44% said they had experienced a cybersecurity breach. Faced with a ransomware attack, though, Japanese organiastions were the least likely to fork out for the ransom, with 7% saying they would. In comparison, 47% in the US said their company’s policy was to always pay the ransom, according to the Armis report. Across the board, 31% of respondents from organisations with more than 500 employees said their policy was to never pay in the event of a ransomware attack, compared to 23% of their peers from companies with between 100 and 249 employees. Respondents from government organisations were the least likely amongst all sectors to pay in the event of a ransomware attack, with 43% noting their company’s policy was to never pay, compared to the global average of 26%. And while 31% globally said their organisation would only pay when customer data was at risk, 24% said their policy was to always pay the ransom. RELATED COVERAGE More
By Dzelat — Shutterstock After a months-long covert operation, the US Justice Department (DOJ) and its international partners have taken down an international ransomware network known as Hive, the agency announced Thursday. Since 2021, the Hive ransomware group has targeted more than 1,500 victims around the world, securing more than $100 million in ransom payments […] More
Adrian Kingsley-Hughes/ZDNET It only takes a second to be hacked or leak important data. Drop an unencrypted flash drive (here’s an easy-to-use encrypted drive) or plug into the wrong outlet or click on a phishing link in a spam email and you could be in a world of trouble and not even know it. Also: Flipper […] More
Singapore will soon tag SMS messages sent from organisations that are not registered with the local ID registry as spam. The move is the latest in a series of measures the country has rolled out to combat online scams. Starting January 31, all businesses not on the Singapore SMS Sender ID Registry (SSIR) will have their messages labelled as “Likely-SCAM”, according to industry regulator Infocomm Media Development Authority (IMDA). Registering with the SSIR will enable organisations to use alphanumeric Sender IDs when they push out SMS messages to customers. The mandate would better safeguard consumers against potential scams as well as facilitate tracking when scam messages were sent to local mobile users, the Singapore regulator said. Scam cases initiated via SMS accounted for some 8% of scam reports in the second quarter of last year, compared to 10% in 2021. Since the registry was set up last March, the number of SMS scams had dipped by 64% between fourth-quarter 2021 and second-quarter 2022, IMDA said. More than 1,200 companies currently are on the SSIR, including financial institutions, e-commerce operators, logistics services providers, and small and midsize businesses (SMBs). These business entities have more than 2,600 SMS Sender IDs between them.Under IMDA’s directive, businesses must use only SMS services providers or aggregators licensed by the regulator and that are participating in the SSIR. Businesses should give themselves sufficient time to sign up for the registry before the Likely-SCAM tag kicks in on January 31, said IMDA, which is also exploring further measures such as giving mobile users the option not to receive international SMS messages or calls.The Singapore government over the past year had urged the need for shared responsibility in preventing online scams, following a massive phishing scam involving OCBC Bank customers that resulted in losses totalling SG$13.7 million ($10.18 million). Several measures also were introduced to beef up local banking and communications infrastructures, including a “kill switch” banks must provide to enable customers to suspend their accounts in a suspected breach.RELATED COVERAGE More
Image: Getty/Jamie Grill Cyber criminals are actively exploiting remote management software to aid phishing scams and steal money from victims, a joint advisory by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) has warned. The warning comes following the discovery of an email phishing campaign that tricks victims into downloading […] More
The process shouldn’t take more than a couple of minutes.Now that you’re done, make sure to store your keys in separate places (I have one in use and another as backup, but you might want one for home and another for the office, or whatever works for you).Don’t keep both in the same place — such as on the same keyring. That way if you lose one, you’ll lose both. More
Image: Maskot / Getty Developers across government and industry should commit to using memory safe languages for new products and tools, and identify the most critical libraries and packages to shift to memory safe languages, according to a study from Consumer Reports. The US nonprofit, which is known for testing consumer products, asked what steps […] More
