  • Avantia Threat Update

DISRUPTING CYBERCRIMINAL STRATEGY WITH AI AND AUTOMATION


Organisations Need to be Skeptical When Looking at Any Vendor Claiming to Offer AI-based Security

This Past Week:

AI deployed to Disrupt Cyber Criminals; Clickjacking goes viral; It’s prison for an ex IT worker; The 2019 state of Cyber Crime in Australia; How can Companies keep up with Cybercrime; A company loses their competitive edge due to breach;

Healthcare providers struggle to protect PII (Personally Identifiable Information); Compromised email accounts top the list of Cyber Insurance claims as well as major data breaches in France, United Kingdom, Canada and United States.


Dark Web ID Trends:

Top Source Hits: ID Theft Forums

Top Compromise Type: Domain

Top Industry: High-Tech & IT

Top Employee Count: 1 - 10 Employees



Disrupting Cyber Criminal Strategy With AI And Automation.

Spending on cybersecurity solutions continues at a rapid pace. According to IDC, a global market intelligence firm, global spending on cybersecurity this year is predicted to grow by nearly 10% over 2018, topping US$103 billion – with large organisations accounting for almost two-thirds of that outlay. However, in spite of this, some predict the total cost of cybercrime could exceed US$2 trillion by the end of 2019 and US$5 trillion by 2023. This means that the cost of criminal activity is currently outpacing security spend by around 20X. This is the result of a system that has always been rigged in favour of the cybercriminal. It's the classic scenario of organisations having to anticipate and block 100% of the attacks they will encounter, while cybercriminals only need to exploit a single misconfigured device or unpatched system to get in. The only difference now is, in the wake of global digital transformation, the stakes are much higher than ever before.

Three Critical Security Strategies: Of course, repeating the same behavior over and over and expecting different results is part of the problem. To win this war, you need to rethink your security strategy, and changing your security paradigm involves three basic approaches.

1. Start with Security. Rather than building a network and then overlaying security, start with security in mind. Today’s security policies need to flow seamlessly and be enforced consistently across your distributed network, from your core network to the cloud, and from the OT (Operational Technology) network to your branch offices and mobile workers.

2. Exploit Cybercriminal Economics. Cybercriminals are subject to the same financial restraints as any organization. Profitability requires keeping costs and overhead lower than revenue. This means that most criminals prefer to target low-hanging fruit using known exploits, because developing new tools and zero-day attacks is expensive. (A zero-day exploit is a cyber attack that occurs on the same day a weakness is discovered in software; at that point, it is exploited before a fix becomes available from its creator.) You can eliminate a lot of risk by doing the following: exercise good security hygiene, discover and remove security gaps, centralize visibility and control, settle on an integrated security framework based on interoperability, high performance, and deep integration, and segment the network to restrict or slow down the lateral movement of malware looking for data to steal and devices to exploit.

3. Fight Fire with Fire. Business and cybercrime alike operate at digital speeds. Many cyber events are successful because they happen faster than security systems can respond. This is especially true if human intervention is required in any step of the process. Instead, critical events need to trigger an immediate response. Of course, automation can only respond to known threats. And while adding machine learning allows automated systems to better identify unusual or abnormal behavior and reduce false positives, the process is often slow.

The Critical Need for Artificial Intelligence: Unlike automation and machine learning, AI attempts to replicate the analytical processes of human intelligence, not only to enable decision-making at machine speeds but, over time, to begin predicting and preventing security events before they occur. Of course, this technology is far more challenging to achieve, and it is why organizations need to be skeptical when looking at any vendor claiming to offer AI-based security. A true AI system requires an artificial neural network (ANN) combined with a deep-learning model to not only accelerate data analysis and decision making, but also enable the network to adapt and evolve when encountering new information. This extensive training process includes being carefully fed massive amounts of increasingly complex information so it can not only identify patterns and develop problem-solving strategies, but also adjust those problem-solving algorithms when it encounters a new pattern.

Training an AI: One of the most critical lines of inquiry when examining a solution that claims to provide AI is about how it was trained. The AI community recommends that any AI solution undergo three stages of training: 

1. Supervised learning. This initial model begins by feeding the AI system with massive amounts of labeled data, where the characteristics of each data set are clearly labeled, and decisions are predictable. As an example, Fortinet’s AI development team leverages the data produced by more than 200 FortiGuard Lab researchers who currently log over 580,000 hours of research data each year. In addition, it ingests data collected from devices and sensors deployed worldwide, including data feeds from threat intelligence sources. Ultimately, it is this level and volume of input that allows the AI systems to continually improve by expanding their set of recognizable patterns and responses.

2. Unsupervised learning. In this next phase, unlabeled data is slowly introduced, forcing the system to learn on its own as it starts to see and recognize new patterns.

3. Reinforcement. Both of these processes involve monitoring the system’s performance with familiar and unfamiliar files and “rewarding” the system for good results.

Training cycles between these three learning strategies on an ongoing basis for months, or sometimes years, depending on the complexity of the problems it needs to identify and resolve.

Because of the recursive requirements of the learning process, any AI system that does not use all three of these learning models is incomplete. Each learning model helps refine results and improve accuracy. And naturally, because the threat environment continues to evolve, AI training models cannot afford to be static. The system needs to be constantly infused with new models that branch off from existing information, based on new threats and techniques as well as new strategies for identification and resolution. Ongoing monitoring must also be applied, as the system's effectiveness is only as good as the data it consumes. AI can be unintentionally poisoned with bad data, creating a bias that impacts its ability to make good decisions, or be intentionally poisoned to miss certain types of threats.

AI Disrupts the Entire Cybercriminal Strategy: Many cybersecurity companies claim to have introduced AI capabilities into their solutions. But the reality is, most fall short of true AI because their underlying infrastructure is too small or their learning models are incomplete. Others refuse to divulge the methods that they use, which raises concerns about the reliability of their AI. These should be red flags for any organization looking to adopt an AI-based system. Just as important, even if an AI system meets basic training and infrastructure requirements, it still needs to interoperate within the security environment you have in place. Intelligence in isolation is useless. The more threat intelligence is shared – whether from an external intelligence feed or the integrated security systems deployed across your distributed network – the more effective your AI-based defensive systems will become. But when done right, an AI-based system will give your organization an advantage over even the most sophisticated cybercriminals. It weaves security deep into your infrastructure, identifies and responds to the most advanced threats, and forces criminals to either go back to the drawing board, or more likely, look for a victim that doesn't have such an impact on their bottom line.


How dodgy browser plugins, web scripts can silently rewrite that URL you were about to open - Clickjacking code found on sites with 43 million daily visits total.

Clickjacking, which came to the attention of security types more than a decade ago, continues to thrive, despite defences deployed since then by browser makers. Boffins from Microsoft and universities in China, South Korea and the US recently looked at the Alexa top 250K websites and identified three different ‘clickjacking’ techniques currently being used to intercept clicks. In summary, malicious browser extensions, and dodgy third-party scripts loaded by pages, can quietly alter URLs in links to redirect netizens elsewhere on the web, or trigger more code to run in the background. The goal of the makers of this stuff is to get victims to inadvertently click on adverts, set cookies, fool affiliate programs, download and run malware, and suchlike.

The researchers – Mingxue Zhang and Wei Meng from Chinese University of Hong Kong, Sangho Lee from Microsoft Research, Byoungyoung Lee from both Seoul National University and Purdue University, and Xinyu Xing from Pennsylvania State University – are scheduled to present their findings at the USENIX Security conference. In a paper titled, "All Your Clicks Belong to Me: Investigating Click Interception on the Web," the computer scientists describe how they developed their own browser-based analysis framework called Observer to monitor click interception. They did so because the dynamic, event-driven nature of web applications makes it difficult to assess the scripts responsible for interfering with click events simply by looking at application code. They built Observer by customising the open source Chromium browser so they could mediate all JavaScript-driven access to web links in the browser's rendering engine, to identify the initiator of the URL in each link. Among the top 250,000 Alexa websites, they found 437 third-party scripts intercepting user clicks on 613 websites that collectively receive 43 million daily visits.

The researchers reported scripts tricking users into clicking on page elements disguised as first-party content or implemented as nearly invisible elements placed atop first-party content. They also said they found third-party scripts intercepting users' clicks to monetise them, which they describe as a novel click fraud technique. "We revealed that some websites collude with third-party scripts to hijack user clicks for monetisation," the paper says. "In particular, our analysis demonstrated that more than 36 per cent of the 3,251 unique click interception URLs were related to online advertising, which is the primary monetisation approach on the Web." In addition to advertising, clickjacking may be used to drive malware installation. The researchers identified only two such campaigns, but suspect there are many fiddling with click events, noting that it was beyond the scope of their study to analyse the two million URLs in their data set for malware.

The clickjacking techniques discussed include: intercepting hyperlinks, either through third-party scripts that tamper with first-party URLs or huge hyperlinks that cover most of a page by enclosing much of the HTML or a large background image; adding a navigation-related event listener to a page element; and using visual deception (copying a first-party design element or a transparent overlay).

Augustine Fou, a cybersecurity and ad fraud researcher who advises companies about online marketing, described how such click interception might be accomplished. "If a user downloads a toolbar or extension, the extension sees everything in the browser so it can not only replace or inject ads, it can also inject clicks," he said. "What those extensions might do is call a URL so a cookie gets planted, making an affiliate network believe an affiliate partner drove the sale so it pays a revenue share." As an example, he said, a webpage might include a hidden iframe that loads an Amazon.com page to place a cookie with an affiliate code, which gives the designated affiliate credit for purchases within the next 30 days. Fou pointed to the prosecution of an eBay affiliate for cookie stuffing back in 2013 and said he had recently heard from one of the largest affiliate networks in China that such fraud remains a major problem. "That kind of clickjacking is alive and well and as bad as ever," he said.

Fou said the researchers have not only documented affiliate fraud through attribution URL flooding, they've also documented other forms of display ad fraud that are not well known and also very well hidden. He pointed to JavaScript include directives that happen dynamically so code scanning won't show malicious content and to clickjacking that leads to a roadblock/page-takeover ad that the user has to close before reaching their intended destination. These clicks, he said, can be made to look like ad clicks when the user is really just trying to navigate.

Google in 2017 announced changes to its Chrome browser designed to prevent two types of automatic redirection that were being abused. But as the research paper states: "Chrome still cannot detect and prevent other possible ways to intercept user clicks, including but not limited to links modified by third-party scripts, third-party contents disguised as first-party contents, and transparent overlays."

Fou said there's a way to fight clickjacking-driven fraud but it isn't technical. "Literally rip out all the third-party scripts from your website," he said. "Publishers were thinking that by adding more scripts, they could make more money. But they're making less money and their audience is being stolen from them. It's harming the user experience. Once you put someone else's JavaScript on your page, they can then change its function at any time in the future and you'll never know it. That's how all this ‘malvertising’ is happening."
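The interception techniques the article lists can be checked mechanically once each page element carries an attribution to the script that created or modified it, which is the kind of attribution the article says Observer records. The following is an added example, not code from the paper or from Observer; the snapshot format, field names, thresholds and hostnames are assumptions, and visual mimicry of first-party design is outside its scope.

```javascript
// Added example: classify click-interception patterns in a recorded page snapshot.
// Snapshot fields, thresholds and hostnames are assumptions made for illustration;
// this is not the Observer framework's data model.

const NAV_EVENTS = new Set(["click", "mousedown", "mouseup", "pointerdown", "touchstart"]);
const HUGE_LINK_RATIO = 0.75; // assumed: a link covering >= 75% of the viewport is "huge"
const NEAR_INVISIBLE = 0.1;   // assumed: opacity at or below this is "nearly invisible"
const OVERLAY_COVER = 0.5;    // assumed: overlay must hide >= 50% of a first-party element

// First party = same host as the page, or a subdomain of it (simplifying assumption).
// A null script URL means the value came from the page's own static HTML.
function isThirdParty(scriptUrl, pageUrl) {
  if (!scriptUrl) return false;
  const s = new URL(scriptUrl).hostname;
  const p = new URL(pageUrl).hostname;
  return !(s === p || s.endsWith("." + p));
}

const area = (r) => Math.max(0, r.w) * Math.max(0, r.h);

function overlapArea(a, b) {
  const w = Math.min(a.x + a.w, b.x + b.w) - Math.max(a.x, b.x);
  const h = Math.min(a.y + a.h, b.y + b.h) - Math.max(a.y, b.y);
  return w > 0 && h > 0 ? w * h : 0;
}

function auditSnapshot(snap) {
  const findings = [];
  const viewportArea = area(snap.viewport);
  const firstParty = snap.elements.filter((e) => !isThirdParty(e.createdBy, snap.url));

  for (const el of snap.elements) {
    const injected = isThirdParty(el.createdBy, snap.url);
    const report = (technique, actor) => findings.push({ id: el.id, technique, actor });

    // Hyperlink interception: a first-party link whose URL a third-party script rewrote,
    // or a third-party link stretched over most of the page.
    if (el.tag === "a" && !injected && isThirdParty(el.hrefSetBy, snap.url)) {
      report("modified-hyperlink", el.hrefSetBy);
    }
    if (el.tag === "a" && injected && area(el.rect) / viewportArea >= HUGE_LINK_RATIO) {
      report("huge-hyperlink", el.createdBy);
    }

    // Navigation-related listener attached to a first-party element by a third-party script.
    for (const l of el.listeners) {
      if (!injected && NAV_EVENTS.has(l.type) && isThirdParty(l.addedBy, snap.url)) {
        report("event-listener", l.addedBy);
      }
    }

    // Visual deception: a nearly invisible third-party element placed atop first-party content.
    if (injected && el.opacity <= NEAR_INVISIBLE) {
      const covers = firstParty.some(
        (fp) => area(fp.rect) > 0 && overlapArea(el.rect, fp.rect) / area(fp.rect) >= OVERLAY_COVER
      );
      if (covers) report("transparent-overlay", el.createdBy);
    }
  }
  return findings;
}

// Constructed sample snapshot (not real measurement data).
const mk = (id, tag, rect, extra = {}) => ({
  id, tag, rect, opacity: 1, createdBy: null, hrefSetBy: null, listeners: [], ...extra,
});
const ADS = "https://cdn.ads.example/t.js";
const WIDGET = "https://widgets.example/w.js";

const SAMPLE_SNAPSHOT = {
  url: "https://news.example/",
  viewport: { x: 0, y: 0, w: 1280, h: 800 },
  elements: [
    mk("nav-home", "a", { x: 10, y: 10, w: 80, h: 20 }),
    mk("story-link", "a", { x: 120, y: 150, w: 300, h: 20 }, { hrefSetBy: ADS }),
    mk("wrap", "a", { x: 0, y: 0, w: 1280, h: 700 }, { createdBy: ADS, hrefSetBy: ADS }),
    mk("article-body", "div", { x: 100, y: 100, w: 800, h: 500 }, {
      listeners: [{ type: "click", addedBy: WIDGET }, { type: "scroll", addedBy: WIDGET }],
    }),
    mk("ghost", "div", { x: 100, y: 100, w: 800, h: 500 }, { createdBy: ADS, opacity: 0.01 }),
    mk("menu", "div", { x: 0, y: 0, w: 200, h: 40 }, {
      listeners: [{ type: "click", addedBy: "https://static.news.example/app.js" }],
    }),
  ],
};

console.log(auditSnapshot(SAMPLE_SNAPSHOT));
```
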


Ex-IT Worker Who Hacked Former Company's Website Gets Prison:

An Arizona man has been sentenced to 27 months in federal prison for hacking into computer systems operated by his former California employer and then deleting its website and marketing materials. The Los Angeles U.S. attorney’s office says Nikishna Polequaptewa was sentenced Monday and ordered to pay US$53,305 in restitution to his former employer, Blue Stone Strategy Group, a Native American consulting agency. Polequaptewa started working there in April 2014 but was relieved of some IT and marketing duties after falling behind on work. He then deleted the company’s website and marketing materials, costing Blue Stone more than $50,000 to restore its system. A jury found him guilty of one count of unauthorized impairment of the integrity and availability of data, programs, systems, and information.


“Nearly impossible”: As nations wade into cyber crime, how can businesses keep up?

Entrepreneurs need to be skeptical about their interactions with other companies in a cyber security landscape that’s failed to protect small businesses and consumers. That’s the view of information security expert Jaya Baloo, who delivered a stinging rebuke of lawmaker efforts to deal with a surge of cyber crime internationally in recent years. “We’ve made it nearly impossible for people to do well being online,” Baloo said. “We haven’t made it very transparent, and we haven’t educated people along the way.” The chief information security officer of Netherlands-based telecommunications giant KPN, Baloo was in Australia speaking at Xero’s annual conference in Brisbane.

As the digital economy has grown around the world since the dawn of the internet in the early-1980s, so too have rates of cyber crime. It’s an underbelly of the information age that’s expected to become a US$6 trillion industry by 2021, according to Cybersecurity Ventures. In Australia, scams are a AUS$532 million annual problem according to the ACCC, which last year tracked AUS$4.5 million in losses across over 3,000 small businesses. The rise has prompted local cyber security experts to call for tougher privacy laws to compel companies to do a better job protecting data, amid concern an increased number of data leaks is fueling cyber crime.

Referencing reports that North Korea was linked to the infamous WannaCry malware attack in 2017, Baloo said while small businesses can take steps to deal with individual hackers, the situation was quickly evolving beyond that. “Kim Jong-Un is the OG hacker,” Baloo said. “He managed to net $2 billion to support and fund his literal nuclear arms race by turning to cyber crime.

“The question is, what do you have to protect, and who are you trying to protect it from?

“If you’re trying to protect against the average ransomware guy, there are things you can do as a small business owner to stop them.

“If the problem is Kim Jong-Un sized, good luck with that,” Baloo said.

Baloo said entrepreneurs looking to protect themselves and their businesses should be proactive about developing cyber security policies within their organisations. Ultimately, Baloo says large telecommunications companies and regulators around the world are going to have to do the heavy lifting to address risks like ransomware and denial of service attacks. “The majority of the issues we have now in cyber security are fixable through technology,” Baloo said. “But we have a bit of a prisoner’s dilemma in that everyone needs to work together, and we don’t.” “We need some degree of government intervention to force compliance across the board.”



THREAT FOCUS: Option Way - FRANCE

Exploit: Unprotected database

Option Way: Flight booking website

Risk to Small Business: 1.666 = Severe: Incorrect password reset links exposed the personal information of Option Way customers and it provided a leverage point for hackers to access the company’s broader IT infrastructure. Security researchers accessed more than 100GB of company data that included personally identifiable information, billing data, and employee credentials. Taken together, the exposed database raises serious concerns about the platform’s ability to secure company and customer data. In an industry that has historically been cutthroat in regard to acquiring customers and turning profits, such an incident can leave an irreparable blemish on the company’s brand and overall reputation.

Individual Risk: 2.428 = Severe: The exposed database included unencrypted personal information, such as names, birth dates, travel destinations, flight prices, and departure dates. In addition, credit card details were viewable by anyone with access to the database, making it a veritable treasure trove for bad actors perpetrating identity theft or financial fraud. Therefore, those impacted by the breach should enroll in credit and identity monitoring services to ensure that their data isn’t misused now or in the future.

Customers Impacted: Unknown

Effect On Customers: Exposed databases are self-inflicted wounds that come with sizable price tags. Not only do businesses have to carry the cost of recovery, but the reputational damage can have a meaningful impact on their bottom line. As a result, every business should prioritize regular assessments of their cybersecurity threat landscape, ensuring that their defenses are adequate and that their systems are secure.

Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


THREAT FOCUS: Monster.com Recruitment - UNITED KINGDOM

Exploit: Exposed database

Monster.com: Job recruitment website

Risk to Small Business: 1.888 = Severe: A database belonging to a former Monster.com partner was discovered online. The file contained the personal information from thousands of US and UK users who uploaded their CVs to the job recruitment website. The breach applies to those who uploaded their CVs between 2014 and 2017, but the server wasn’t secured until last month. Since many of those impacted by the breach reside in the EU, the company will face serious GDPR fines along with less quantifiable consequences.

Individual Risk: 2.285 = Severe: The personal information of users, uploaded as part of their CVs, was readily available online. This includes names, addresses, phone numbers, email addresses, and work history. This data is often used to facilitate other cybercrime including advanced phishing attacks and identity fraud. Therefore, those impacted by the breach should enroll in credit and identity monitoring services to ensure that their information isn’t being misused.

Customers Impacted: Unknown

Effect On Customers: Today’s regulatory landscape makes data security a top priority at every level. For Monster.com, failing to account for the data security status of their vendors could cause them to incur fines that will negatively impact revenue, creating additional downstream repercussions. For companies that are fortunate enough not to have experienced a data breach, evaluation and fortification can help ensure that their information remains secure and their bottom line is protected.



THREAT FOCUS: Yves Rocher Cosmetics - CANADA

Exploit: Unprotected database

Yves Rocher: Cosmetics and beauty brand

Risk to Small Business: 2 = Severe: An unprotected database exposed the personal information of millions of Yves Rocher’s Canadian customers and intimate details about the company’s inner workings. Not only is Yves Rocher tasked with supporting the millions of customers impacted by the breach, the company data could be incredibly valuable to competitors who can gain unparalleled insights into Yves Rocher’s strategies, performance, and future promotions. Companies can pair this data with the customer information available from the breach to create precisely targeted advertising campaigns that could lure customers away from Yves Rocher. To make matters worse, security researchers found that employee credentials from a previous data breach were still compromised, allowing anyone to access other databases where they could modify or delete information.

Individual Risk: 2.285 = Severe Risk: The exposed database included significant amounts of personal information, including names, phone numbers, email addresses, birth dates, zip codes, transaction history, and store location.

Customers Impacted: 2,500,000

Effect On Customers: There is always a direct cost to a data breach, but the ancillary expenses can be even more catastrophic than the original charge. In this case, Yves Rocher could have their business practices significantly undermined as competitors use their lax data security to their competitive advantage. It’s a reminder that data security isn’t just an altruistic priority, it’s a bottom-line issue that every company needs to grapple with.



THREAT FOCUS: UC Health - UNITED STATES

Exploit: Phishing scam

UC Health: Healthcare network based in Cincinnati, Ohio

Risk to Small Business: 1.888 = Severe: A phishing attack successfully duped hospital employees into compromising patients’ medical records. The breach, which was disclosed on September 4th and discovered on July 6th, impacted email accounts until July 12th. In response, UC Health is updating its email security policies and providing an employee education program to prevent a similar breach in the future. Unfortunately, future-focused initiatives won’t help those whose information is already compromised. To compound the issue, the healthcare provider will now face regulatory scrutiny, bad press, and additional costs of recovery that could have been entirely prevented.

Individual Risk: 2.142 = Severe: The compromised employee accounts contained limited amounts of patient data, including names, dates of birth, medical record numbers, and clinical information. Patients are encouraged to review their accounts for suspicious activity, and UC Health has established an incident hotline where anyone can report possible malfeasance.

Customers Impacted: Unknown

Effect On Customers: The ROI on proactive security measures continues to rise in the face of crippling breaches which come with costly implications. This incident serves as a cautionary tale for all SMBs and highlights the importance of securing customer and employee data before it is compromised.



THREAT FOCUS: Foxit Software - UNITED STATES

Exploit: Unauthorized database access

Foxit Software: Developer of portable document format software

Risk to Small Business: 2.111 = Severe: Bad actors hacked into Foxit Software’s database, which contained the personal details of customers using the platform with a free account. In response, the company is encouraging all users to reset their passwords. In a competitive software environment, Foxit Software will have to grapple with the financial and reputational implications of a data breach, both of which can significantly impact the company’s bottom line.

Individual Risk: 2.428 = Severe: The accessed database included “My Account” data that contained personal information such as names, email addresses, passwords, phone numbers, company names, and IP addresses. It’s unclear if passwords were encrypted, and Foxit is warning customers to be wary of phishing scams that could leverage compromised data to promulgate damaging campaigns.

Customers Impacted: Unknown

Effect On Customers: Customers and employees are increasingly unwilling to remain with platforms that can’t protect customer data, making data breaches a logistical and PR nightmare for any company. Therefore, when information is compromised, companies need to be swift and robust in their response. Providing supportive services that can identify how data is used after it is stolen can hasten a holistic recovery effort.



THREAT FOCUS: Artesia General Hospital - UNITED STATES

Exploit: Phishing scam

Artesia General Hospital: Healthcare provider offering primary and specialty health services

Risk to Small Business: 1.666 = Severe: An unauthorized third party compromised an employee’s email account, which included patient information. Hackers had access to the account between June 11th and June 18th, but it’s unclear if the patient data was viewed. Artesia General Hospital is prioritizing staff training about suspicious emails, but a reactive response will not restore the exposed patient data or lessen impending fines that almost always follow a healthcare-related breach.

Individual Risk: 2.285 = Severe: Patient data was exposed in the breach, including names, dates of birth, medical record or account numbers, health insurance information, and treatment information. In addition, some patients had their Social Security numbers compromised. Personally identifiable information has an established market online, and it can be difficult to prevent its distribution once accessed. Those impacted by the breach should be especially mindful of unusual communications or account activity, as those can be indications of data misuse.

Customers Impacted: 13,905

Effect On Customers: Comprehensive awareness training about the prevalence and best practices regarding phishing campaigns is a necessary step, but those initiatives have to be in place before a data breach in order to truly be effective. Phishing scams will inevitably land in your employees’ inboxes and developing a readiness posture can prevent them from exploiting additional vulnerabilities or instigating a data breach.



THREAT FOCUS: CircleCI - UNITED STATES

Exploit: Unauthorized database access

CircleCI: Continuous integration and delivery platform

Risk to Small Business: 2 = Severe: Cybercriminals gained access to a third-party database for CircleCI, which compromised customer information and company data. The breach was uncovered when an employee noticed unusual account activity and notified the CircleCI security team. Nevertheless, the breach went undetected for nearly a month, impacting customers who accessed the platform from June 30th through August 31st. CircleCI worked with a security provider to repair the vulnerability, but their failure to adequately protect user data will remain a stain on their reputation, a less-quantifiable but uniquely important facet of doing business in 2019.

Individual Risk: 2.571 = Moderate: Customer data that was compromised included usernames, email addresses, and organization names. This data can quickly make its way to the Dark Web where it can be used to facilitate additional cyber crimes. Fortunately, authentication tokens, passwords, and payment information were not involved in the incident. Those impacted should be mindful of suspicious communications, and they should monitor their accounts for any unusual activity.

Customers Impacted: Unknown

Effect On Customers: Working with third-party vendors is an inevitability for most companies, but such partnerships can manufacture additional cybersecurity vulnerabilities that need to be addressed. For businesses looking to avoid a data debacle, evaluating security standards should be a prerequisite to any professional partnership involving the exchange of sensitive data.



THREAT FOCUS: Fraser Social Services - UNITED STATES

Exploit: Phishing scam

Fraser: Provider of education, housing, and healthcare services for children and adults with special needs

Risk to Small Business: 1.555 = Severe: A phishing scam successfully compromised an employee email account, giving hackers access to a spreadsheet containing information from the Fraser waitlist. In response, Fraser contacted a third-party IT vendor within hours of discovering the breach and was able to secure its network. Needless to say, a reactive response will not mitigate the damage inflicted on those impacted by the breach. Fraser will likely face intense regulatory scrutiny in the near future, as the information accessed is considered protected health information.

Individual Risk: 1.555 = Severe: The data breach did not reveal customers’ Social Security numbers or credit card information, but plenty of personally identifiable information was made available to hackers. This includes customers’ names, Fraser ID numbers, zip codes, and treatment notes. Affected individuals should carefully monitor their accounts for suspicious activity and consider contacting the hotline that Fraser recently opened up.

Customers Impacted: Unknown

Effect On Customers: Despite a company’s best efforts, some phishing scams inevitably make their way to employees’ inboxes. Since a single click can compromise incredible amounts of sensitive data, businesses of all sizes must prioritize the awareness training that can render such attacks useless. With the cost of a data breach continually increasing, addressing this vulnerability can be one of your company’s best investments.




POSTSCRIPT:


Half of Canadians Impacted By Data Breach in 2019 

2019 has been a difficult year for data security, a reality that Canadians are feeling especially acutely.  According to data released by the Office of the Privacy Commissioner of Canada, 19 million Canadians were impacted by a data breach in an 8-month period from November 2018 to June 2019. Canada’s population is just under 38 million, which means that more than half of all Canadians experienced a data privacy event in the past eight months. During this time, 448 data breaches were reported to the agency, a stunning number for a relatively small country.

The report found that 59% of these breaches were derived from hacks and insider threats, and an additional 22% came from accidental disclosures. Regardless of the cause, it’s illustrative of our broad digital moment where data breaches are more of an inevitability than an unrealized risk.

The findings underscore the importance of data security in today’s digital landscape, and businesses can differentiate themselves by prioritizing and executing on a comprehensive data security strategy.


Business Email Compromise Overtakes Ransomware With Insurance Claims 

By virtually every metric, phishing scams have been increasing in frequency and sophistication this year, making them one of the most prominent cybersecurity risks for any business. That reality was reiterated this week when insurance provider AIG published its most recent statistics on cyber-insurance claims.  Business email compromise (BEC) has surpassed ransomware and data breaches as the primary reason that companies file a claim. These vulnerabilities, which include everything from credential stuffing to phishing campaigns, account for 23% of all cyber-related claims. AIG blames weak passwords and a lack of employee training as the primary reasons that BEC claims are on the rise. Moreover, regardless of the methodology, cyber-insurance claims have risen precipitously in the past several years. AIG notes that more claims were filed in 2018 than in the previous two years combined. However, this latest release is a reminder that not all cyber vulnerabilities are out of our control, and accessible measures like comprehensive cyber security training offered by organisations like Avantia Cyber Security can help position businesses for success. 



Disclaimer*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provide the content in this publication to the reader for general information purposes only and have compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cyber security information to us in real time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable; however, we give no warranty (implied or otherwise) as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.


Call (07) 3010 9711 

info@avantiacorp.com.au

 

Avantia Corporate Services Pty Ltd, Level 7, 320 Adelaide Street

Brisbane, Queensland 4000

AUSTRALIA.



*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.