OUR LATEST CYBERSECURITY NEWS
Catch up on what is happening in the cybersecurity world

Cybersecurity budgets increase in 2022

By MyCena | Posted on : 13 January 2022

MyCena

Companies are in the final stages of 2022 budget planning and cybersecurity is top of their priorities. While, traditionally, IT departments may have struggled to fight for their slice of the budget, the cybersecurity landscape is now different. Directors are well aware of the dangers of ransomware attacks, including huge financial losses and public reputational damage. CPO Magazine reports that the average cost of a ransomware attack more-than-doubled in 2021, from $761,000 to a hefty $1.8 million. It’s now more critical than ever to budget for cybersecurity, saving your company money in the long run.

Log4j vulnerability poses critical security risk

By MyCena | Posted on : 13 January 2022

MyCena

In December, a vulnerability in the open-source Apache logging framework Log4j led to security teams across the globe rushing to secure and patch their systems. Log4j is so widely-used that Jen Easterly, director at the Cybersecurity and Infrastructure Security Agency, called it the most serious security flaw she’d seen in her career, warning that businesses everywhere should make securing their systems against the vulnerability an urgent priority. As Log4j is an embedded Java logging library present in thousands of software products, security teams must write their own patches. The flaw, named Log4Shell, allows malicious Java code to be logged, granting bad actors access to the system in question. Significant attacks taking advantage of the vulnerability have been seen already, with ransomware gang NightSky targeting companies through VMWare Horizon systems, which use the Log4j framework. There have been reports of ransom demands of up to $800,000, demonstrating how severe the damage could be if left unpatched.  

Omnichannel connected services make popular targets

By MyCena | Posted on : 13 January 2022

MyCena

We are using more technology than ever. That’s especially true for corporates, with connected servers, databases, and services key to business in 2022 – and attackers know this. Ransomware attacks have skyrocketed, with businesses acutely aware of the constant threat of leaked passwords and security vulnerabilities. Omnichannel retail also needs to take extra care, with attackers looking to exploit the massive number of APIs companies use to connect their omnichannel services. When attackers know that one successful hack can infect thousands of systems down the line, the stakes are high – and companies should take extreme precautions, segmenting networks and decentralising passwords as a high priority.

School website provider hit by attack

By MyCena | Posted on : 13 January 2022

MyCena

On 04 January, a leading provider of school websites was hit by a massive ransomware attack. The provider, Finalsite, manages content, communications, mobile apps and enrolment for over 8,000 schools. It was forced to take its services offline while it addressed the hack. Security staff first noticed the attack in certain corporate systems and quickly set to work restoring services and corporate networks. Most school services were restored within a week of the attack, and Finalsite has still found no evidence that customer data was stolen. This is the latest of many attacks on service providers, in turn disrupting the systems of thousands of customers.

Is Cyber Insurance still buyable?

By MyCena | Posted on : 13 January 2022

MyCena

The FBI’s Internet Crime Complaint Centre received 300,000 more reports in 2021 than in 2020. As if that wasn’t startling enough, the losses reported totalled more than $4 billion. To protect against losses, companies have relied on cyber insurance. However, with cyber attacks increasing in volume, cost and severity, many insurers have now altered – or completely removed – their coverage options. Insurers have become extremely risk-averse, with Lloyds of London one of many to recently reduce their cyber coverage. For those that do manage to find an insurer, there will be increased costs, less comprehensive coverage, and more burden of proof that any incidents were not the fault of the victim.