Data breaches | Business Upturn

Deepfakes on the rise: Cybersecurity experts warn of increased video call scams in 2024

Eesha Chakraborty — Thu, 29 Feb 2024 15:53:10 +0000

The year 2024 is expected to witness a significant rise in online criminal activity, particularly involving the use of deepfakes in video calls, according to cybersecurity experts. This alarming trend is attributed to a confluence of factors, including a surge in online activity due to numerous elections and high-profile events scheduled throughout the year.

Deepfakes, a sophisticated technology capable of manipulating video and audio recordings to realistically depict individuals saying or doing things they never did, pose a major threat in the digital landscape. These fabricated videos can be used to deceive victims into believing they are interacting with someone they know and trust, making them vulnerable to financial scams or the extraction of sensitive information.

A recent incident in Hong Kong serves as a cautionary tale. An unsuspecting individual was duped into participating in a video call seemingly involving colleagues, only to discover later that the participants were deepfakes meticulously crafted by hackers. This deceptive maneuver resulted in the victim unknowingly transferring a staggering €23 million to the perpetrators.

Furthermore, Irish Prime Minister Leo Varadkar fell prey to a deepfake video scam in December 2023. He was misled into believing he was engaged in a video conversation with representatives of the African Union Commission, only to discover later that the individuals were impersonators.

These high-profile cases highlight the growing sophistication of cybercriminals and the potential for deepfakes to cause significant financial and reputational damage. Ken Sheehan, Operations Manager of Smarttech247, the organization hosting the upcoming Zero Day Con cybersecurity conference in Dublin, emphasizes the critical need for vigilance and proactive measures to combat this evolving threat.

“The emergence of new threats is a constant reality in the cybersecurity domain, and we anticipate 2024 to be a period of significant innovation amongst cybercriminals,” Sheehan warns. He emphasizes the expected rise in online activity due to numerous elections and events like the summer Olympics, creating fertile ground for exploitation by malicious actors seeking to exploit security vulnerabilities, both technological and human.

To combat this growing threat, Sheehan outlines eight crucial “golden rules” for individuals and organizations. These rules emphasize the importance of robust network security measures, including firewalls and intrusion detection systems. Additionally, continuous monitoring of systems and prompt response to security incidents are essential. Data encryption, both in transit and at rest, provides another layer of protection. Managing user access through strong authentication methods and vigilant monitoring further enhances security. Maintaining updated software and employing anti-virus and anti-malware software are fundamental practices.

Developing a comprehensive incident response plan ensures swift and effective action in case of a breach. Finally, regular employee awareness training and security audits are crucial in fostering a culture of cybersecurity awareness and mitigating vulnerabilities. By adhering to these principles and remaining vigilant, individuals and organizations can significantly strengthen their defenses against the evolving tactics of cybercriminals.

A multifaceted cyber threat landscape: Report reveals widespread targeting of Russia and former Soviet states

Eesha Chakraborty — Tue, 27 Feb 2024 15:49:32 +0000

A recent report by the Russian company, F.A.C.C.T., sheds light on the multifaceted nature of cyber threats targeting Russia and several former Soviet Union members, including Azerbaijan, Belarus, Kyrgyzstan, and Kazakhstan. The report, titled “The Most Comprehensive Source of Strategic and Tactical Data on CyberSquaresThreats in Russia and the EAEU,” details a significant rise in cyber campaigns over the past year, with at least 14 state-sponsored hacker groups engaging in either destructive or espionage activities.

These attacks, the report suggests, stem from a confluence of geopolitical tensions and national interests. While some groups, like the IT Army of Ukraine, are demonstrably linked to the ongoing conflict between the two countries, others, such as the China-linked SugarGh0st Team, operate with the backing of their respective governments for reasons extending beyond the immediate regional conflict. This diversity of motivations is further reflected in the variety of targets, which range from government and military institutions to critical infrastructure and commercial enterprises.

The report also highlights the growing influence of hacktivist groups in the region. The IT Army of Ukraine, for instance, has emerged as a prominent force, employing distributed denial-of-service (DDoS) attacks and collaborating with other local groups to amplify their impact. Another group, the Belarusian Cyber Partisans, has launched targeted attacks against both Belarus and Russia, utilizing tactics such as website defacement and data breaches.

Interestingly, the report identifies a group known as “Comet Twelve” that appears to operate with a dual agenda, combining financial gain through ransom demands with disruptive tactics that aim to cripple victim networks. This group, along with others like “Muppets” and “BlackJack,” demonstrates the increasingly blurred lines between financially motivated cybercrime and politically motivated attacks.

Looking ahead, the report predicts that the current geopolitical climate will continue to fuel cyber activity in the region. Nation-states, both hostile and neutral, are likely to maintain their campaigns, while disgruntled former employees may also pose a threat. The report underscores the need for heightened vigilance and collaborative efforts to counter this evolving threat landscape.

Wireless chargers exposed to cyberattacks, raising concerns about device damage and fires

Eesha Chakraborty — Sun, 25 Feb 2024 03:35:15 +0000

A recent study published by researchers from Florida University and cybersecurity firm CertiK has sent shockwaves through the tech world, revealing a novel cyberattack method targeting wireless chargers. This “VoltSchemer” attack, as it’s been dubbed, exploits vulnerabilities in these seemingly innocuous devices, posing a significant risk to smartphones and potentially other nearby electronics.

The research delves into the intricate workings of wireless chargers, uncovering security weaknesses that hackers could leverage to wreak havoc. By manipulating the charger’s input voltage, attackers can trigger a series of alarming consequences. In the worst-case scenario, this manipulation can lead to overheating and potential fires within smartphones placed on the charging pad. Additionally, the attack can damage nearby devices due to excessive electromagnetic interference or even trigger unauthorized voice commands through voice assistants integrated into the targeted device.

The study’s findings are particularly concerning as they highlight the vulnerability of popular brands like Anker and Phillips, and even major smartphone manufacturers like Apple and Google. This widespread susceptibility underscores the potential scale of the threat, raising significant concerns for users who rely heavily on wireless charging technology.

The researchers emphasize the gravity of this discovery, describing the attack as scary and akin to black magic due to its ability to manipulate electromagnetic frequencies and inject inaudible voice commands. This emphasizes the sophistication and potential harm associated with VoltSchemer.

The researchers recommend staying informed about the latest developments regarding the attack and familiarizing oneself with the detailed findings outlined in their paper. Additionally, exploring alternative charging methods or implementing security measures specific to wireless chargers may offer some level of protection.

In conclusion, the discovery of the VoltSchemer attack serves as a stark reminder of the ever-evolving cybersecurity landscape. As wireless charging technology becomes increasingly integrated into our daily lives, it’s crucial to acknowledge the potential risks associated with it and take necessary precautions to safeguard our devices and personal information.

Cybersecurity budgets increase in 2024

Eesha Chakraborty — Wed, 21 Feb 2024 17:21:03 +0000

The year 2024 is shaping up to be a pivotal one for cybersecurity spending, with a significant portion of organizations allocating more resources to bolster their defenses against an ever-evolving threat landscape. A recent survey conducted by Infosecurity Europe revealed that a staggering 69% of IT decision-makers anticipate an increase in their cybersecurity budgets, highlighting the growing awareness of online vulnerabilities and the need for proactive measures.

This surge in investment is driven by a confluence of factors. The escalating frequency and sophistication of cyberattacks, coupled with the increasing reliance on cloud-based infrastructure and the ever-growing volume of sensitive data, necessitate a robust security posture. Organizations are acutely aware of the potential financial and reputational damage that data breaches can inflict, prompting them to prioritize cybersecurity as a critical business imperative.

The survey delves deeper into specific areas of investment, revealing that cloud security and incident response are at the forefront of priorities. Nearly half (47%) of respondents plan to allocate between 1-20% of their additional budget to these crucial domains. Cloud environments present unique security challenges, requiring specialized tools and expertise to safeguard sensitive information. Similarly, incident response capabilities are essential for minimizing the impact of breaches and ensuring a swift recovery.

Beyond cloud and incident response, the survey identifies several other areas attracting significant investment. Managed Security Service Providers (MSSPs) and antivirus solutions remain popular choices, with 46% of respondents considering allocating 1-20% of their additional budget to them. These solutions offer a cost-effective way to access specialized security expertise and tools, particularly for resource-constrained organizations.

Investing in human capital is equally important. The survey highlights that 45% of respondents plan to dedicate 1-20% of their increased budget to identity security management, while 44% prioritize education and training. Empowering employees with the knowledge and skills to recognize and combat cyber threats is a critical line of defense. Additionally, 43% of respondents value managed detection and patching, underscoring the importance of proactive threat identification and vulnerability remediation.

Interestingly, the survey also identifies areas where investment is less prevalent. Email security and threat exposure management, while important, seem to be lower on the priority list, with only 40% of respondents intending to allocate 1-20% of their additional budget to them. This could be attributed to the increasing adoption of MSSPs, which often handle these areas as part of their service offerings.

However, the report cautions against complacency. While the overall trend points towards increased cybersecurity spending, it’s not universal. A concerning 15% of respondents reported a decrease in their budgets, highlighting the diverse economic realities faced by organizations. Additionally, the research warns of potential cost increases in areas like licensing and professional services, which could put pressure on budgets.

To navigate these challenges, Infosecurity Europe 2024 offers a valuable platform for knowledge sharing and collaboration. The event will feature a panel discussion focused on maximizing cybersecurity budgets during turbulent times, providing CISOs and cybersecurity professionals with insights on articulating the value of security investments and securing budget allocations. Attendees can also explore strategies for optimizing spending, such as conducting system audits, maximizing existing resources, and investing in personnel development.

In conclusion, the Infosecurity Europe survey paints a picture of an evolving cybersecurity landscape where organizations are increasingly recognizing the importance of robust defenses. While cloud security, incident response, and managed services are attracting significant investment, other crucial areas like education and training merit continued attention. As the threat landscape continues to evolve, effective communication, budget justification, and a focus on both technology and human capital will be key to building resilient cybersecurity postures.

India ranks 80th in local cyber threats despite booming $6 billion cybersecurity market

Eesha Chakraborty — Wed, 21 Feb 2024 15:29:37 +0000

A recent report has shed light on India’s cybersecurity landscape, revealing a concerning trend of local cyber threats targeting internet users. The report, which focused on threats found directly on users’ devices or removable media, placed India at the 80th position globally. This means that a significant portion of Indian internet users faced local threats in 2023, with nearly 34% encountering such malicious programs. These threats can take various forms, including malware hidden within complex installers or encrypted files.

Despite the prevalence of local threats, India’s cybersecurity market is booming, reaching a staggering USD 6.06 billion in 2023. However, experts warn that sophisticated external cyber threats pose a major challenge for businesses. In response, nearly two-thirds of Indian enterprises are planning to outsource key security tasks to managed security service providers in the next three years. Establishing and maintaining trust in the digital realm becomes increasingly difficult when sophisticated attacks threaten to breach data and disrupt operations.

Recognizing this challenge, a significant trend is emerging within Indian enterprises. Nearly two-thirds, or 67%, are considering outsourcing key security tasks to managed service providers (MSSPs) in the coming years. This shift signifies a growing understanding of the complexities involved in managing cybersecurity, and the potential benefits of leveraging specialized expertise. By partnering with MSSPs, organizations can gain access to advanced security solutions and skilled personnel, allowing them to focus on their core business functions with greater peace of mind.

Furthermore, the adoption of artificial intelligence (AI) and digital payments in India adds another layer of complexity to the cybersecurity landscape. As Jaydeep Singh, General Manager for South Asia at Kaspersky, aptly points out, “With the rise of AI use and the consistent digital payment adoption here, it has become imperative for organisations to continuously improve their cybersecurity posture to protect their assets and maintain stakeholder trust.” The integration of AI and digital payments necessitates robust security measures to safeguard sensitive data and prevent financial losses.

While the market is flourishing and awareness is increasing, the persistent threat of local and external cyber attacks necessitates continuous vigilance and improvement.

The growing threat of cybercrime in Africa

Eesha Chakraborty — Tue, 20 Feb 2024 04:19:51 +0000

The META region, encompassing the Middle East, Turkey, and Africa, faces a relentless barrage of cyberattacks. But within this region, Africa has emerged as the prime target for malicious actors, raising concerns about the continent’s digital security and the potential ramifications for individuals, businesses, and governments.

Dr. Amin Hasbini, head of the Global Research & Analysis Team (GReAT) for the META region at Kaspersky, paints a stark picture. For instance, Kenya, South Africa, and Nigeria witnessed a staggering 41 million, 33 million, and 21 million cyberattacks in the past year alone. This alarming trend isn’t just about quantity; it’s also about the nature of the threats. Ransomware, notorious for encrypting files and demanding hefty ransoms for decryption, has reigned supreme for three consecutive years, with file encryption as its preferred weapon.

However, the threat landscape is undergoing a dynamic shift. While some countries grapple with intensified ransomware attacks, others face a surge in Denial-of-Service (DoS) threats, aiming to disrupt online services. This evolving tactic highlights the adaptability of cybercriminals, constantly seeking new avenues to exploit vulnerabilities.

The very nature of the criminal underground is transforming. Dr. Hasbini emphasizes the rapid growth and interconnectedness of these networks, allowing them to flourish and pose an even greater threat. These actors no longer discriminate; they target everyone – individuals, families, and even children. Their methodologies and technologies are constantly evolving, and they readily collaborate and compete, further exacerbating the problem.

Adding another layer of concern is the recent discovery of certain cybercriminals possessing “Zero-Day” exploits, granting them unprecedented access to systems with no known defenses. This highlights the sophistication and alarming capabilities these malicious actors are attaining.

The scale of attacks is also escalating, threatening to overwhelm defenses. The “Raysida” attack on a South African educational institution in January serves as a chilling example. This attack compromised a staggering 500 gigabytes of data, equivalent to 500,000 large Excel files, exposing a vast amount of personal and confidential information. Such incidents underscore the potential severity of cyberattacks in Africa.

Advanced persistent threats (APTs), characterized by stealthy and prolonged intrusion attempts, are also gaining traction. These targeted attacks primarily focus on government, telecommunications, financial, and industrial sectors, posing a significant challenge to regional stability and economic well-being. Dr. Hasbini emphasizes the particular vulnerability of government institutions due to the rapid digital transformation sweeping across Africa, a trend that, while bringing advancements, also creates exploitable gaps.

India’s cybersecurity pros facing burnout crisis: urgent action required

Eesha Chakraborty — Mon, 12 Feb 2024 14:35:23 +0000

The digital ecosystem of India, characterized by its dynamism, confronts a significant challenge: the pervasive issue of burnout among cybersecurity professionals. According to a recent report by Sophos and Tech Research Asia, an alarming 83% of cybersecurity and IT experts in the nation are grappling with burnout. This phenomenon extends beyond typical workplace fatigue; it represents a looming threat that could jeopardize national security and undermine the operational resilience of businesses.

Based on a survey encompassing more than 900 professionals across Asia, the report specifically investigates the Indian scenario, involving 202 respondents from mid-to-large-sized companies. Approximately a quarter (25%) of those suffering from burnout have confessed to either contributing to or directly causing a cybersecurity breach within their respective organizations.

The report pinpoints various factors contributing to the burnout phenomenon. Professionals often find themselves lacking essential support resources, leaving them feeling ill-prepared to navigate the escalating intricacies of their roles. The monotony of repetitive tasks and routines drains motivation, fostering a sense of cynicism. Additionally, unrealistic expectations and relentless managerial pressure exacerbate stress levels, fostering a high-pressure environment.

Paradoxically, the incessant influx of alerts, intended to signal potential threats, induces fatigue and desensitization, blurring the distinction between genuine threats and false alarms. Moreover, the escalating sophistication of cyberattacks compounds the stress, as professionals remain on constant alert, anticipating the next wave of threats.

The repercussions of this burnout epidemic are extensive. Productivity suffers significantly, with an average loss of 3.6 hours per employee per week. Furthermore, companies experience talent hemorrhage, with 33% reporting resignations directly linked to burnout. Most critically, the security stance of organizations diminishes, as burnt-out professionals become less attentive and more prone to committing critical errors.

Addressing this crisis requires a multifaceted approach. Organizations must prioritize the well-being of their cybersecurity teams by offering robust mental health support, fostering open communication, and setting realistic work expectations. Adequate staffing and resource access are crucial, alongside distributing responsibility through clear response plans and involving other departments in cybersecurity efforts.

Policymakers should promote programs to detect and prevent burnout while investing in talent development and upskilling initiatives for a more resilient workforce. Technology vendors can aid by developing automation tools to alleviate repetitive tasks. Ultimately, organizations must take the lead, recognizing that neglecting this issue is not an option. The human aspect of cybersecurity is paramount, and safeguarding the well-being of frontline defenders is not only a matter of employee welfare but also a strategic investment in national security and business continuity on the modern digital battlefield.