Tag Archive for: rise.

2024 Thales Data Threat Report Reveals Rise In Ransomware Attacks, As Compliance Failings Leave Businesses Vulnerable To…


(MENAFN– AETOSWire) (BUSINESS WIRE ) — Thales today announced the release of the 2024 Thales Data Threat Report , its annual report on the latest data security threats, trends, and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries across 37 industries. This year’s report found that 93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year.

Threats continue to increase in volume and severity

The number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Despite this escalating threat, less than half of organisations have a formal ransomware plan in place, with 8% resorting to paying the ransom demands.

Malware stands out as the fastest-growing threat of 2024, with 41% of enterprises witnessing a malware attack in the past year – closely followed by phishing and ransomware. Cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks.

The report shows that for a second year running, human error remains the leading cause of data breaches, with 31% of enterprises pinpointing this as the root cause.

These insights are drawn from the 2024 Thales Data Threat Report, conducted by 451 Research. The report sheds light on how businesses are adapting their data security strategies and practices in response to an evolving threat landscape.

Compliance is the key to data security

The research found that over two fifths (43%) of enterprises failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.

Of those that had failed a compliance audit in the past twelve months, 31% had experienced a breach that very same year. This compares to just 3% of those who had passed compliance audits.

Operational complexity continues to cause data headaches

Fundamental understanding of what systems, applications, and data are at risk continue to lag due to changing regulatory and threat landscapes. Only a third (33%) of organisations are…

Source…

AI hacking scams are on the rise – here’s how to protect your money, points and miles


In 2023, the Federal Trade Commission received 2.6 million fraud reports totaling $10 billion lost to scams, the highest annual loss ever reported. Of those reports, the overwhelming majority were imposter scams where a fraudster impersonates a bank’s fraud department, the government, a business, a relative, a love interest or a technical support representative.

As artificial intelligence becomes easier to access and more sophisticated, it is quickly rising through the ranks as an effective way for scammers to gain access to your accounts, draining them of money or points and miles.

The FTC is actively seeking to thwart AI-generated so-called deepfakes by enacting a rule prohibiting the impersonation of individuals. A deepfake is an image or video that has been digitally manipulated using a form of AI called deep learning. This technology allows fraudsters to make it appear as if someone is saying or doing something that never happened.

This would be an extension of an existing rule against impersonating businesses or government officials.

In fact, the FTC issued a consumer alert last year warning people against scammers who use AI to clone a loved one’s voice in an attempt to have you send them money. Not only can they impersonate the voice of someone you know, but they can also use AI to generate fake images to make their story more convincing.

How is AI being used by scammers?

“Someone could impersonate your child’s voice and tell you that they are out of town, lost their phone and need money right away,” Adrianus Warmus, a cybersecurity expert at NordVPN, told TPG. “They can then use an AI tool to scrape that person’s Facebook or Instagram and create an image that ‘proves’ it’s really them reaching out to you from wherever they say they are,” he explained.

LIUBOMYR VORONA/GETTY IMAGES

Playing to your emotions is not the only way scammers use AI technology to separate you from your money and travel funds.

Related: How and why you should use a VPN internet connection while traveling

Scammers can also use AI to spoof an email address. “It’s possible to impersonate or take over an email address and use AI to even impersonate someone’s writing style to make it sound convincing,” Jeff Reich,…

Source…

Delinea Research Reveals that Ransomware Is Back on the Rise As Cybercriminals’ Motivation Shifts to Data Exfiltration


PRESS RELEASE

SAN FRANCISCO, Jan. 30, 2024 /PRNewswire/ — Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today published its annual “State of Ransomware” report which shows that ransomware attacks are increasing again and reveals a change in strategy among cybercriminals. The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive data. Cybercriminals then frequently threaten to sell it to the highest bidder on the darknet or leverage it to reap a handsome cyber insurance payment.

Titled, “State of Ransomware 2024: Anticipating the Battle and Strengthening Your Defenses,” the report analyzed data from a Censuswide survey of over 300 US IT and Security decision-makers to identify significant changes compared to data from the previous year’s report and uncover new possible trends. First and foremost, ransomware is back on the rise. Although not back at the levels of 2021, the number of organizations claiming to have been a victim of ransomware in the past 12 months more than doubled since last year, from 25% to 53%. Mid-sized companies appeared to be in cybercriminals’ crosshairs the most, with 65% stating they’ve been a ransomware victim over the past 12 months. Organizations are also paying ransoms more frequently, up to 76% from 68% the prior year.

More striking, however, are the emerging trends in motivations, strategies, and tactics that the survey revealed. Data exfiltration registered a surge of 39% (reported by 64% of respondents, up from 46%) and became a preferred goal for the attackers, who are now gaining control of a company’s network to download sensitive data to sell on the darknet. This trend is also evidenced by the significant downturn of traditional money grabs as the main motivation (34%, down from 69% the year before).

“Ransomware certainly appears to have reached a critical sea change – it’s no longer just about the quick and easy payout,” said Rick Hanson, President at Delinea. “Even as organizations are investing more in safety nets like cyber insurance which often have ransomware payouts included in…

Source…

Amount in crypto stolen via hacking fell in 2023 but number of cases on the rise


SINGAPORE – The amount of stolen cryptocurrency from hacking may have fallen globally in 2023, but the number of incidents has risen, a report by blockchain research firm Chainalysis said.

The firm on Jan 24 said global funds stolen via crypto hacking plunged by about 54.3 per cent to US$1.7 billion (S$2.3 billion) in 2023 compared with the year before.

However, the number of individual hacking incidents grew 5.5 per cent the same year to 231, from 219 in 2022.

Hacking refers to the unauthorised access, manipulation or exploitation of computer systems, networks or information.

The report said cryptocurrency hacking has become a pervasive and formidable threat that has led to billions of dollars stolen from crypto platforms and exposing vulnerabilities across the ecosystem.

The drop in the amount stolen via crypto hacking in 2023 is largely because of a fall in decentralised finance, or DeFi, hacking. DeFi refers to a new financial system where transactions are made peer to peer on public blockchains.

“Hacks of DeFi protocols largely drove the huge increase in stolen crypto that we saw in 2021 and 2022, with cyber criminals stealing US$3.1 billion in DeFi hacks in 2022. But in 2023, hackers stole just US$1.1 billion from DeFi protocols. This amounts to a 63.7 per cent drop in the total value stolen from DeFi platforms year over year,” said Chainalysis.

The fall in the value and number of DeFi hacks come as DeFi operators become better at smart contract security, the report said.

Smart contracts are self-executing contracts on the blockchain, with the terms of the agreement directly written into code.

Ms Mar Gimenez-Aguilar, lead security architect and researcher at Web3 and blockchain security firm Halborn, said in the report that the rise in security measures in DeFi protocols is a key factor in lowering the number of hacks linked to smart contract vulnerabilities.

“If we compare the top 50 hacks by value lost from 2023 with those from previous years, there is a reduction in losses from 47 per cent of the total to 18.2 per cent,” she said.

Ms Gimenez-Aguilar said price manipulation attacks remained almost constant, with around 20 per cent of the total value…

Source…