A recent survey from cybersecurity company Panaseer has given an insight into the shadowy world of cyber insurance. While many insurers have stripped back their offerings following recent increases in the volume and severity of attacks, several large pay-outs have still been made. Panaseer’s reports gave details of recent insurance claims. In it, the sums revealed that the average cyber breach insurance pay-out in the UK was £3.26 million, and $3.52 million in the USA. These huge sums show the severity of the problem for both clients and insurers – with attackers developing more sophisticated means, 82 per cent of insurers expect premiums to rise. Conditions may also tighten, with 74 per cent of insurers requesting details on cybersecurity approaches before considering a policy.
Email scams are becoming more personalised each day. So much so, that some more recent email scams are even fooling cybersecurity experts. Instead of the scattergun approach that many phishers used to take, email scammers nowadays search the internet and collect personal information that allows them to craft personalised emails. One such attack almost fooled Oliver Buckley, a cybersecurity expert, who received a personal email from his boss asking him to purchase gifts for a client – convincing, until Buckley noticed it was sent from an unknown Gmail address. While this might sound an obvious scam, enough fall for it – phishing cost companies almost £17 billion in damages last year. With more personal emails being developed, it’s more important than ever to carefully check the details of all emails received.
A security advisory has revealed the top 10 vectors exploited by attackers when breaching networks. Top agencies from the United States, United Kingdom, and various European countries contributed to the list, which featured several common issues within cybersecurity. Chief among them were access concerns such as stolen or weak credentials, a lack of multifactor authentication, and unchanged default passwords. Another general theme across the list was a lack of basic best practices – such as unpatched software, incorrectly applied privileges, open ports and poor attack responses. US Homeland Security Advisor Rob Joyce commented, “There’s no need for fancy zero-day exploits when companies give adversaries such easy access options.”
An attack on the Italian city of Palermo, claimed by Vice Society, has left IT teams rushing to restore essential services. The initial breach happened on 2 June, with the municipal website, internal systems, and data storage affected. The incident was then officially declared as ransomware in the following days, before hacker gang Vice Society claimed responsibility. The gang posted an official notice on their website, in a double-extortion attempt, that they would release stolen personal data if a ransom payment was not received. Since then, IT teams have begun to rebuild the city’s network from backups – with several critical services still affected.
This month saw the release of the NIST SP 800-82 Revision 3 document guide to operational technology (OT) security. The draft guides organisations on improving OT security, with emphasis on bespoke performance and safety needs. The document’s approach, in this way, allows for the unique circumstances of every OT system, accounting for different threats and risk tolerances in various critical infrastructure setups. Experts agree that, although not entirely perfect, the new document is effective in considering the unique needs of OT systems. Julia O’Toole describes it as “a step forward in the right direction.”
Costa Rica has been battling against ransomware for the last two months. Early in new president Rodrigo Chaves’s term, an initial wave of ransomware took down several key government systems. In early June, a second wave of attacks targeted the country’s health system – leading to Chaves implementing an official state of emergency. The gang behind the incident, Conti, has launched several high-profile attacks on various sectors, including healthcare. But this is the first time a government has been publicly held to ransom. Half of the healthcare system’s 1,500 servers were affected, meaning over 34,000 appointments have been delayed, with staff left working from discontinued paper forms.
