It has been revealed that a city in the United States was left with little choice but to pay a ransom after its systems were cryto-locked in an attack. The city of West Haven paid $2000 to the cyberattackers, who the U.S. Department of Homeland Security claims to have originated from outside the United States. Tim Erlin, VP at Tripwire: “This is a classic situation where the good of the many conflicts with the one. For any individual ransomware victim that doesn’t have adequate backups, it’s advantageous to pay the ransom, but the very best way to combat the epidemic of ransomware is to…
ISBuzz Team
Local Governments may not be doing all that is necessary to secure elections especially when it comes to authenticating voters. Industry experts are recommending that local officials employ two-factor authentication to correctly identify voters, but Ryan Wilk, VP of Customer Success at NuData Security, a Mastercard company says even more is needed. Ryan Wilk, VP of Customer Success at NuData Security: “Two-factor authentication is the easiest step to increase account security. However, sophisticated bad actors can also intercept security codes sent to a device. This is why local governments and any other entity who offers services online, should consider verifying…
Parliament is not doing enough to stop the spread of fake news across social media sites such as Facebook and Twitter, the culture committee has warned. Tory MP Damian Collins, who chairs the committee, says he is “disappointed” by the response to its latest report. The government says it is already considering action in many areas. It has urged the committee to await the outcome of other reports and a consultation on beefed-up powers for the Electoral Commission to regulate digital advertising during elections. Corin Imai, Senior Security Adviser at DomainTools: “The UK parliament’s culture committee are absolutely right to be taking the…
Aatish Pattni, regional director of UK and Ireland for Link11 highlights the parallels between today’s organised cybercriminal gangs and their historic predecessors, the Mafia When many of us hear the term ‘Mafia’, we conjure up the thought of ’wise guys’ of the 1920’s and 30s in pinstripe suits, personified by Al Capone or those immortalised in movies like The Godfather or Goodfellas. Over the years, the media, folklore and legend has glorified what was clearly a highly-organised and profit-driven group of criminals. So what’s this got to do with cybercrime, I hear you ask? The prevalent image of a cybercriminal…
It has just been reported that Morrisons has lost its challenge to a High Court ruling that it is liable for a data breach that saw thousands of its employees’ details posted online in the first data leak class action seen in the UK. Workers brought a claim against the company after employee Andrew Skelton stole the data, including salary and bank details, of nearly 100,000 staff. Commenting on the news are the following cyber security professionals. Tim Sadler, CEO and Co-founder at Tessian: “While an organisation’s employees are its biggest asset, they can also unfortunately be its biggest risk. In…
The news broke this morning that PocketiNet, a Washington state internet provider, left an AWS S3 server exposed online without a password. The information exposed included tens of gigabytes of network schematics, passwords and other sensitive files for at least six months. Rich Campagna, SVP of Product Management at Bitglass: “PocketiNet’s AWS misconfiguration is yet another example of how a simple, overlooked problem can expose massive amounts of information, harming individuals and organizations alike. It seems that leaving servers unsecured has become one of the most common security issues and, consequently, one of the most widely targeted vulnerabilities in the enterprise. Unfortunately, organizations…
News broke this afternoon that one of the UK’s leading supermarkets Morrisons will potentially be required to pay out a ‘vast’ sum to employees following a 2014 security breach which seen the payroll details of 100,000 members of staff leaked. Corin Imai, Senior Security Advisor at DomainTools: “With data breaches we are conditioned to think more about customer data being compromised, but the effects of employee data can be just as severe. The fact that payroll details were leaked is particularly concerning, as these are exactly the kind of details which malicious actors could use in order to commit identity or financial fraud. The…
According to the latest figures released by the Office of National Statistics (ONS), cyber crime has fallen by 30% across England and Wales. The ONS’s annual Crime Survey for England and Wales (CSEW), states there were 1.1 million estimated instances of computer misuse for the year ending June 30 2018, down from 1.6 million for the corresponding period a year prior. Commenting on the news is Javvad Malik, Security Advocate at AlienVault, who has a different opinion regarding the findings. Javvad Malik, Security Advocate at AlienVault: “Looking at the data we collect in Open Threat Exchange (OTX) there is nothing to indicate that computer attacks…
Reports suggest that Facebook is approaching several major cyber security companies with the intention of an acquisition, in order to improve its cyber security procedures and also regain users’ trust. In response to this, please see the below comment from Jake Moore, cyber security specialist at ESET UK, with his thoughts on why this is a positive move from Facebook. Jake Moore, Cyber Security Specialist at ESET UK: “After any major attack in a business’ security, which in turn harms its reputation, the first thing to do is to reevaluate the situation to improve company security. Simply burying one’s head wishing…
It has been reported that hackers breached the following. A HealthCare.gov sign-up system and have gotten their hands on the personal information of roughly 75,000 people. The system is named Federally Facilitated Exchanges (FFE), and is managed by the Centers for Medicare & Medicaid Services (CMS). Healthcare insurance agents and brokers use the FFE to enroll users into Obamacare plans made available through the official HealthCare.gov portal. Below is Industry Leaders Reaction on this data breach as part of our experts comments series on recent cyber security news. Pravin Kothari, CEO at CipherCloud: “Healthcare data has remained at the center of the bullseye for…