Despite the substantial increase in remote working since the start of the COVID-19 pandemic, security breaches have stayed about the same for the vast majority of people and businesses, according to security expert Graham Cluley, an award-winning blogger who provided the Tuesday keynote speech at this year’s virtual (ISC)2 Security Congress.
Only one in 10 businesses say they have experienced a dramatic increase in attacks, Cluley said, before quickly adding that attacks don’t always result in breaches. As a matter of fact, research shows breaches increased by only one percentage point over the past 12 months, to 16% from 15% in the previous 12-month period, Cluley said.
“Let’s not be too glum,” Cluley said. While he struck a positive note to cap his talk, Cluley was emphatic about the need to take “sensible precautions” against cyber attacks by locking down security controls and educating users about threats.
Graham Cluley
He noted that many successful attacks these days aren’t perpetrated through sophisticated technical means, but through social engineering and trickery. That’s why phishing, ransomware and business email compromise (often whaling or CEO fraud) are so prevalent.
Serious Consequences
Cluley shared examples of attacks that illustrate how ransomware has evolved from simple ransom demands after locking up systems to far more nefarious schemes with serious consequences. In one case in Germany, a COVID-19 patient died as a result of an attack.
The cybercriminals attacked a hospital thinking they were targeting a university, not a healthcare facility, forcing a transfer of patients to another hospital. One patient died on the journey. And although the attackers subsequently gave the hospital the decryption key, it was too late for the victim, Cluley sai ..
Support the originator by clicking the read the rest link below.
