A freedom of information request by Corero Network Security has revealed that there is a potential lack of cyber resilience among the providers of UK critical national infrastructure. Data shows that 39% of CNI organisations have not completed the government’s 10 Steps to Cyber Security programme, with 42% of NHS Trusts who responded admitting they had not completed the programme. Edgard Capdevielle, CEO at Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “With attacks on critical infrastructure increasing, and the potential impacts – imagine large-scale outages of electricity or water treatment – cyber resiliency needs to be a top risk management priority. “This report emphasizes the impact of DDoS attacks…
ISBuzz Team
Small businesses come in all shapes and sizes, but in today’s world, no organisation, large or small, can afford to ignore online security. Whether you’re a team operating out of an office, or an individual working from home, cybersecurity is an issue that every business should prioritise. Granted, cybercrime generally grabs the headlines when a huge multi-national or government agency is the victim, but the many unreported cases affecting small businesses are arguably the bigger story. In Q2 2017, Kaspersky Lab solutions detected and repelled over 342 million malicious attacks from online resources located in 191 countries all over the…
Almost every day we see or hear about major cyber-security threats and software issues that have serious repercussions on the daily running of society. The recent WannaCry ransomware attack brought the NHS to its knees in May and rendered the digital capability of the NHS useless. Shortly after this, a system collapse, suggested to have been caused by human error, also brought British Airways to its knees and meant the company had to take the drastic action of cancelling all its flights for almost 24 hours. But, of course, we have been watching these types of catastrophic digital downfalls play…
Comments from Mike Shultz, CEO of Cybernance, on NIAC report “This report includes fascinating pieces that go beyond the notion we’re in a pre-9/11 moment, although I do agree with that and most others in the industry would as well. The first line of defense truly is commercial enterprise, and that’s a strong, likely to be underestimated statement. That means there are and will continue to be big-splash attacks, but now attacks are coming against the general economy in seemingly smaller packages with just as much damaging impact, and that’s the part that’s most disconcerting. Looking back at NotPetya a…
News broke late last night that web hosting biz DreamHost has been largely crippled by a distributed denial of service attack, bringing down most of its services. DreamHost’s status page reports serious disruption to its hosting, webmail and virtual private servers, as well as degraded email performance. Stephanie Weagle, VP at Corero Network Security commented below. Stephanie Weagle, VP at Corero Network Security: “There are countless reasons why hosting providers must implement dedicated and automated DDoS protection; the motivations for DDoS attack campaigns are far ranging and often magnified due to the number of customers hosting providers service and the aggregate internet…
Is IT security getting the attention it deserves in your organization? With the rise of remote access and cloud-based services, IT security has become more important than ever before. Everybody’s online and we all want to access our work anywhere, anytime. The truth is, IT departments just can’t control all actions in the digital world anymore. In the following editorial, IT professional Mark Herrewijnen speaks about how you can make sure everybody does their part to keep your organization and its data safe. What’s so important about security awareness? IT departments always do everything in their power to keep the…
A new report highlighting the lack of IT skills in the police force, has called for the government to create a digital academy to train specialist cyber-police officer, and increase the number of volunteers with these skills. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “The police force, like many historic industries and organisations has a challenge to keep up with IT skills. While a cyber-academy of sorts would help in the long run. It should also not rule out the collaborative skills that can be pooled from other government departments, or even private industry.…
An adware campaign working, via Facebook messenger, is using targeted notes and URLs to trick Facebook users into clicking through to an installation screen for adware. Alan Levine, an IT Security Veteran and Security Advisor to Wombat Security Technologies commented below. Alan Levine, Security Advisor at Wombat Security: Why are criminals targeting this? Cyber hackers may have multiple aims, but a consistent key objective is to compromise as many end user devices as possible. Under an attacker’s control, these compromised devices represent significant value because they can then be deployed as a digital army for a variety of malicious purposes.…
World Privacy Forum founder and multi-government advisor Pam Dixon calls for policymakers to take lessons from fundamental failings in India and ensure a ‘Do no Harm’ ethos is the foundation for regulations to protect privacy India’s ‘Aadhaar’ digital biometric system mandatory for vital government and public services has currently virtually no data and privacy protection legislation The Indian Supreme Court has ruled privacy is a fundamental right, but has not yet tackled the question of the legality of the Aadhaar project Risk of ‘mission-creep’ in Europe through the use of biometric systems to identify patients and UK discussions to create a biometric ID card…
The impact of the recent, lethal WannaCry and NotPetya attacks have been staggering with the ransomware hitting nearly 100 countries and some of the world’s largest organisations – who presumably have the financial might and resources to invest in warding off such strikes. And yet, the ransomware penetrated deeply and widely. Three things have come to the fore – no organisation is immune from security breaches; there is no silver bullet for protection; and most crucially, paying attention to security fundamentals is paramount. Let’s look at the core areas: Very plausibly, the impact of WannaCry could have been significantly mitigated…
