June generally marks the start of summer, although anyone thinking the cyber criminals will take a few months off should probably think again. Not only has one of most sacred of summer institutions – Wimbledon – been subject to a threat, but fresh attacks and threats emerged all over the world.
It’s clear that organizations must remain vigilant and ready no matter the season. But what can be done when cybersecurity teams are on vacation and organizations are perhaps a little more exposed than at other times?
Game, Set, and Match to Wimbledon Cybersecurity
The strawberries. The hats. The Pimms. Even the actual tennis. For many people, Wimbledon is a good marker for the beginning of summer. But this year’s tournament started in June under the shadow of a Russian cyberattack.
Organizers banned Russian and Belarusian players from competing in the championship this year, increasing fears of a cyberattack designed to disrupt and manipulate the tournament’s scoring system and avenge the ban of players from those countries.
IBM’s system oversees scheduling, statistics, results, and live match scoring, offering up many options for a potential cyberattack. But at the time of writing (halfway through the tournament), there has been no significant incident. Long may that continue, but the threat illustrates that cybercriminals will target any organization they feel might be vulnerable.
Fortra aligns IT and business goals to help organizations using the IBM i operating systems build a competitive edge. If you work in such an organization, then this is fascinating reading.
Related Reading: Fortra IBI i Marketplace Survey Results
Cryptocurrency Cybercrime – Time to Shine?
The past few years have seen an emerging trend in cybercrime – targeting cryptocurrency and blockchain organizations. But 2022 has seen this trend accelerate even further, and in June, we saw one of the biggest attacks ever, with $100 million worth of cryptocurrency stolen from Harmony Protocol.
The attacker supposedly took control of the multi-signature wallet used in Harmony Protocol’s bridge. A statement from the company founder said, “The team has found evidence that private keys were compromised, leading to the breach of our Horizon bridge — funds were stolen from the Ethereum side of the bridge."
A report from blockchain analytics firm Elliptic suggested the involvement of The Lazarus Group, the notorious North Korea-affiliated cybercriminal organization described by the U.S. government as a 'state-sponsored hacking organization.'
Whatever one’s thoughts on blockchain and cryptocurrency generally, the industries seem to be attracting more than their fair share of cyberattacks right now. Those involved in cybersecurity for such organizations would be wise to tighten their defenses, as this trend is only likely to continue.
Is Cybersecurity Fact More Dangerous Than Fiction?
Returning to the UK once more, news reached us in June of a new television program dealing with issues of cybersecurity – The Undeclared War. The show explores a scenario in which the UK is hit by a cyberattack from an as-yet-unidentified source, leaving 55 percent of the internet unavailable.
A graduate starting her first day on the job in the government cybersecurity team identifies a second virus that aims to take down the remaining 45 percent of the internet. Leaving aside the question of whether a graduate – however smart and capable – would be party to such important work, it’s certainly realistic to think of a country being targeted.
Only in last month’s edition of this blog post we wrote about how the ransomware group Conti had targeted the Costa Rican government. It’s not that this scenario doesn’t ring true about The Undeclared War; it's more that the characters don't seem believable. We are only two episodes in, though – we'll revisit next month for a fuller review!
Related Reading: The 5 Biggest Cybersecurity Threats of 2022: How to Avoid Cybersecurity Attacks
Data Breaches Hit New Heights
Data breaches have felt almost ubiquitous over recent years. The sheer volume of these attacks has reached a record high in the U.S., according to the data shared in June by The Identity Defined Security Alliance (IDSA).
IDSA is a non-profit that provides vendor-neutral resources to help organizations reduce their risk of a breach. Its recent survey of identity and security professionals revealed that 84 percent of organizations in the U.S. had suffered an identity-related data breach in 2021. That’s a statistic that almost defies belief. We all know that the more data generated in the world means the more opportunities for a breach are opened, but for that many organizations to have suffered one is astonishing.
What’s an organization to do? The answer is simple – ensure that your data is looked after in the way it needs to be. You can’t stop criminals from trying to hack your data, but you can put in place the defenses that will help keep them at bay.
On-Demand Webinar How to Prevent Data Breaches with GoAnywhere
Have CNI Cybersecurity Leaders Become Lackadaisical?
Any organization wants its cybersecurity teams and leaders to take cyber threats seriously and to prepare their defenses as best they can, which is why recent research from consultancy Bridewell is so concerning.
In a survey of cybersecurity leaders and decision-makers in sectors regarded as critical national infrastructure (CNI), more than 60 percent have not made space to put in place a decision-making plan on whether to pay up if they fall victim to a ransomware attack.
Furthermore, while 79 percent of respondents said that ransomware would significantly disrupt their operations in the next year, less than half have put in place measures to help prevent, detect, respond, and recover from an incident. Given how common ransomware attacks are and how dangerous they have become, it is reasonable to ask why these leaders have taken such an approach?
Staying Secure for Summer
June has shown that there will be no letup in cyber-attacks over the summer. But with cybersecurity teams enjoying their well-earned vacations, there is no need for defenses to be lowered.
We are here to help and offer our customers various support options, including online support forums, customer portal, phone, and email assistance.
