cyber attack warning danger threat hack

Cyber Attacks are Increasing, The Cost of a Data Breach is Increasing

If you think the pace of cyber attacks is increasing, you’re not wrong. According to Check Point Software, the average number of weekly attacks faced by organizations in the second quarter was up 32 per cent compared to the same period last year. In part that’s due to threat actors trying to take advantage early in the year of organizations that hadn’t patched the Log4j2 vulnerability, and partly due to the cyber war coming from the Russian invasion of Ukraine. Ransomware attacks are up 59 per cent compared to last year. Interestingly, organizations in Africa, Asia and Latin America face the most attacks. A North American firm faced an average of only 845 attacks in a week.

The cost of a data breach continues to rise. That’s according to research by IBM and the Ponemon Institute. The 550 organizations studied around the world that suffered a breach in the 12-month period ending in March paid an average of US$4.35 million to mop up from the attack. That’s up 2.6 per cent from the previous year. The cost was higher for firms in critical infrastructure such as banks, utilities, government and healthcare. In Canada the average cost of the 25 organizations studied was US$5.4 million. Use of stolen or compromised credentials remains the most common cause of a data breach.

Speaking of data breaches, phishing and software vulnerabilities remain the top two ways hackers defeat defences. According to new research from Palo Alto Networks, employees falling for phishing lures were the suspected start of 37 per cent of successful attacks. Thirty-one per cent of attacks started by exploiting software vulnerabilities. Brute forced or previously compromised credentials accounted for 15 per cent of initial access.

Administrators of e-commerce sites using the open-source PrestaShop platform have been warned to update the application immediately to close serious vulnerabilities. Attackers can leverage a SQL injection vulnerability to inject a fake payment form into a website and scoop up payment card data entered by customers.

A Pennsylvania-based convenience store chain will pay US$8 million to several states over a 2019 data breach. The chain, called Wawa, didn’t take reasonable security measures to prevent hackers from installing malware, the states alleged.

Organizations that use Facebook’s Ads and Business platforms are being targeted by a threat actor for stealing corporate information. That’s according to researchers at WithSecure. It believes the hackers are targeting and phishing employees on LinkedIn who likely have high-level access to their company’s Facebook Business account. Those employees are tricked into downloading malware, which the hackers use to get into Facebook Business accounts. Victims may have managerial, digital marketing and HR titles. Employees need to be cautioned about clicking on attachments in LinkedIn messages. Facebook Business accounts should be watched for suspicious downloading activity.

Leave a Comment

Your email address will not be published.