The Briefing on Cybersecurity

The latest news, trends and data from the cybersecurity industry

In Data:

Cybersecurity News in Numbers

32%

The percentage of UK adults who would like to use biometric identification to access online accounts instead of passwords, according to research by Callsign. In the US the number is 27%. Traditional passwords remain the most popular, but now have less than half of the vote on both sides of the Atlantic.

$1,200

The amount digital code signing certificates are now sold for on the dark web, according to research conducted by Venafi and the Cyber Security Research institute. The certificates are used to verify the identity and itegrity of computer applications, making them a valuable tool for the proliferation of malware on both consumer devices and enterprise networks. 

71%

The percentage of UK businesses that do not have dedicated cybersecurity insurance, according to research by NTT Security. This makes the UK one of the weakest markets. In the US, for example, 53% of businesses have cybersecurity insurance. 

75%

The rate that data breaches reported to the UK's Information Commissioner have increased over the last two years. This is according to a Freedom of Information Act request made by Kroll. It is possible that some of the increase is due to a rise in reporting ahead of GDPR as opposed to an increase in incidents. 

********

23%

The percentage of employees at UK-based small and medium businesses that primarily rely on portable data storage, according to research by Seagate. This means USB drives are their main method of storing company data, despite being easy to lose or damage. 

Campaign Alert:

Emerging attack campaigns

AdvisorsBot

The telecommunications and hospitality industries are being targeted by a new attack campaign that uses carefully tailored malicious emails, such as notifications of food poisoning sent to restaurants. The campaign was first identified by Proofpoint in May of this year.

Thrip

An attack campaign dedicated to cyber espionage activity has been identified by Symantec's Targeted Attack Analytics technology. The campaign has infiltrated satellite communications, telecoms and defense organisations in the US and Southeast Asia. It is thought to be being conducted by a group in China dubbed Thrip.

Cobalt Dickens

A large-scale phishing campaign targeting US universities has been uncovered by Secureworks' Counter Threat Unit. It is believed to be conducted by Iranian group Cobalt Dickens and appears to have been designed to access private data held by the insitutions.

Lazarus Group

North Korean hacking organisation the Lazarus Group, which was behind the infamous Sony hack, has launched a trojan targeting computers running Mac OS. The trojan, which was uncovered by Kaspersky, is thought to be targeting cryptocurrency exchanges.

Share

Share this article

Go to article: Home | Inside a Cyber HeistGo to article: From the EditorGo to article: ContentsGo to article: The Briefing on CybersecurityGo to article: A Day in the Life of a Cybersecurity Red TeamGo to article: Accurate Biometrics Company InsightGo to article: Accurate BiometricsGo to article: Your Files are in the Cloud, so Why Isn’t Your Security? Go to article: The Summer 2018 Data Breach Report: Industry Reaction from the Biggest BreachesGo to article: Account Takeover: The Devastating Successor to Phishing AttacksGo to article: Drone Plans for Sale: How White Hat Hackers Infiltrated a Criminal Gang Selling Military DocumentsGo to article: A Minute in CybercrimeGo to article: Throw Away the (Encryption) Key: Secure Communication in the GDPR AgeGo to article: From the InfluencersGo to article: Compromising Whois: How GDPR is Weakening SecurityGo to article: GlobalData TechnologyGo to article: What's Your Grade? SecurityScorecard Sends Companies Back to SchoolGo to article: The Impact of GDPR on EmailGo to article: The Human Voice: How to Make It the Holy Grail of SecurityGo to article: Data Breaches: Human Error vs Malicious AttacksGo to article: From Blood Tests to MRIs: How Ransomware Stopped NHS Machines in their TracksGo to article: The Cybersecurity Startup ReportGo to article: Cybersecurity EventsGo to article: Next IssueGo to article: Subscribe to Verdict Encrypt