Cyber News in the Play of the Evil
Take a glance at the most discussed cybersecurity topics of the week.Cybercriminals follow the latest cybersecurity news as much if not more than their victims, according to recent reports.
Cybercriminals keep up with the news and don’t give up
SC Media on October 24, 2018
Two sides of the same coin – the phrase that perfectly describes the coverage of cybersecurity events in the media. Cybercriminals follow the latest cybersecurity news as much if not more than their victims, according to recent reports.
The most illustrative example is when the StrongPity hacker group several times changed attack techniques after exposing their malware methods by victims. As new information was published, the threat actors continued to modify the malware with minimal effort using modifications including new domains, new IP addresses, filename changes, and small code obfuscation changes.
To minimize these risks specialists recommend executives to think historically and analyze the experience of older threat groups that may not have moved on from their initial targets.
Global Cybersecurity Workforce Gap – problems and causes
Security Magazine on October 17, 2018
Recently (ISC)² announced the 2018 Cybersecurity Workforce Study. The main findings are disappointing (just as usual) but it only makes us work harder and meet new challenges. Research shows widening of the global cybersecurity workforce gap to nearly three million worldwide.
Actually, the Asia-Pacific region takes a leading position in a gap rating with shortage at 2.14 million followed by North America gap number at nearly half million. EMEA and Latin America contribute a 142,000 and 136,000 staffing shortfall, respectively. What is interesting, the study also illustrates the barriers that respondents face in terms of career progression. These include unclear career paths for cybersecurity roles, the lack of organizational knowledge of cybersecurity skills and the cost of education to prepare for a cybersecurity career. Thus, filling the workforce gap should involve the implementation of complex measures for both companies and education organizations.
The dangerous union of 5G and IoT…
Threatpost on October 22, 2018
This week the development of fifth-generation mobile networks (5G) has been one of the most discussed topics. While some people are fascinated by opportunities 5G provides to users – high-speed Internet, low latency, others are worried about possible threats that appear as fast as accelerated webpage loading.
In fact, 5G is tied to billions of IoT-devices because of the Low Power Wide Area technology that is used to connect large numbers of far-flung, low-power IoT devices for industrial applications. The growing number of connected devices increases security risk in two ways: by increasing the attack surface available to hackers of the devices themselves; and by providing potential processing power to cybercriminal botnets beyond the devices.
…can lead to a cyberattack threatening the whole country
BBC News on October 25, 2018
And it’s not an overstatement. As our homes are getting smarter – thermostats, video doorbells, sprinkler systems, street lights, traffic cameras, cars that are connected to the high-speed internet, they are transforming to the online massive network collecting and transmitting critical data. Thus, a security issue is more relevant than ever.
So what should we do about all these security concerns? Cody Brocious believes that 99% of hacker attacks on IoT devices can be stopped by preventing inbound connections to them, routing the communications through an intermediary server, most likely operated by the device manufacturer. One more effective way to battle against the hackers is multifactor authentication. Finally, security firms like Cisco are able to monitor how IoT devices behave on a network – the typical data they send and receive, the patterns of traffic – and look for anomalies.