Categories
Cybersecurity Tech Magazine

The State of Cybersecurity in 2020

A surprising number of things can happen in a minute, especially when it comes to cyber threats and their consequences. Quick overview. The state of cybersecurity in 2020

Firstly, every 60 seconds, 375 attacks are unleashed upon the global community, costing the world economy $2.9 million. In other words, every single computer with an internet connection is targeted by malicious agents about 1.5 times per minute. A whooping 16,172 records are compromised.[1] Certainly not a promising picture if you are a business leader or oversee a company’s cybersecurity for a living.

As we celebrate cybersecurity awareness month to promote greater security and cyber hygiene, we would do well to keep in mind that every day should be cybersecurity awareness month. Therefore, we can all benefit from a deeper understanding of today’s most common threats and what we can do to protect our business systems from them.

Cybersecurity in 2020: the impact of the pandemic

The already complex world of enterprise security got further intricate with the advent of COVID-19. Also, the sudden shift to remote work has pushed company networks to the limit, opening a myriad of new potential points of entry for attackers to exploit. Additionally, the ensuing fear and confusion have given more leverage to attackers looking to deceive individual employees as a means to gain company-wide access. As they say: you are as strong as your weakest link. And hackers love that.

Cybsersecurity in 2020: the impact of the pandemic

Social engineering, the act of tricking someone by using their natural tendencies and emotional reactions, has acquired a whole new dimension of sophistication and finesse. Phishing emails disguised as governmental safety announcements, fake HR memos encouraging you to get acquainted with the office’s new cafeteria policy. And that is just the start two per cent of all COVID-related websites created in recent months contain malicious code. A seemingly small number until you realise there are billions of COVID-19 pages out there.[2]

Remote work is here to stay, and so are the advanced techniques that cybercriminals use. In fact, they will only get more refined in the months to come.    

A growing variety of cyber threats – Cybersecurity in 2020

In addition to the rising complexity of attacks, the sheer variety of techniques hackers use is a top concern for companies and cybersec professionals who are struggling to catch up with an ever-growing catalogue of threats. New forms of mobile malware alone, for instance, have grown 12% compared to last year. PowerShell-based malware, which leverages the Microsoft task automation and configuration management framework to carry out attacks without leaving any traces, grew by 1,902% over the same time period.[3]  

Also discover our article & interview: Leadership Failure: The Real Human Element Behind Cyber Attacks

Targeting the cloud

Cloud has become the backbone of the modern enterprise, and hackers are targeting it accordingly. The rise in attacks is being particularly felt in those industries which depend the most on the cloud for productivity. For example, threats aimed at the transportation and logistics sector increased by 1,350% in the first quarter of the year. Education experienced a 1,114% rise in attacks, with governmental organisations, manufacturing and financial services following behind.[4]    


The Top 10 Belgian Cloud Pros to Follow on Twitter


Most attacks are opportunistic in nature and involve the “spraying” of cloud accounts with stolen access credentials. The majority of access attempts came from either China, Iran or Russia. [5] 

Ransomware-as-a-service

While phishing and trojans are still behind most cyber attacks, ransomware continues to surge and is perhaps the most feared malware of them all. Its capacity to cripple an entire company’s operations in a matter of minutes, together with how difficult it can be to prevent these attacks in the first place, surely keeps many security specialists and IT managers awake at night. Also, threat actors are becoming increasingly sophisticated.

What started as attacks by individual hackers or small rogue groups has now evolved into full-fledged criminal organisations that operate under a ransomware-as-a-service approach. Some even have “customer service” helplines to guide victims through the process of paying the ransom.

These hacker groups have greatly benefited from COVID-19, taking advantage of the increase in cloud usage and telework. Half of the world’s organisations were hit by ransomware last year, with most successful ransomware attacks involving public cloud data. Data was successfully encrypted in 73% of attacks.[6]

Additionally, attackers are finding more and more weaknesses to exploit as remote workers and IT engineers increasingly use Remote Desktop Protocol (RDP) to access internal resources. The higher use of personal devices has also complicated the problem of shadow IT, multiplying the potential points of access and making it more challenging for security professionals to safeguard company networks.


🔊 Subscribe to our podcast

Join our community and find your next job or expert in IT


[1] The 2020 Evil Internet Minute, RiskIQ, Inc. (2020)
[2] 2020 Threat Report, Webroot (2020)
[3] The McAfee Labs COVID-19 Threats Report, McAfee (2020)
[4] McAfee Labs COVID-19 Threats Report, McAfee (2020)
[5] McAfee Labs COVID-19 Threats Report, McAfee (2020)
[6] The State of Ransomware 2020, Sophos (2020)
Categories
Press review Tech Magazine

Weekly News: Windows Made With Linux

Is Linux the new Windows?

The renowned open-source champion Eric Raymond has always been a huge Linux believer. 

Raymond has long argued that the OS is destined to rule the desktop market. Now he’s gone a step further by saying that it won’t be long before Windows 10 becomes a simple emulation layer on top the Linux kernel. 

According to Raymond, Microsoft’s latest investments in the Windows Subsystem for Linux (WSL) reveal that the Redmond, Virginia company might be quite aware of this impending shift. The company also has recently unveiled a Linux version of Edge for IT pros to test websites. 

But there’s more: the Windows emulation might ultimately disappear altogether, leaving us with a Microsoft shell that is basically all built on Linux.

ZDNet

AI: behind the screens

Despite the media buzz around AI, it can be difficult for someone who is not immersed in the technology to precisely tell you how and where it is being applied. 

Well, this week we got a behind-the-screens look at what developers are doing in both the public and the private sector.

The city of Amsterdam debuted the Algorithm Register, a portal where everyone can learn more about the various AI initiatives being implemented across the city. 

Also, Alexa developers unveiled how they get Amazon’s smart home assistant to interpret what users mean rather than what they say. Here’s more

The pandemic and S/4HANA implementation

S4HANA implementation was ramping up before COVID-19 hit the global business community. Now, as uncertainty piles up, some organisations might consider postponing their migration to SAP’s next-gen ERP until things settle down a bit. 

But should they? 

In an interview with TechTarget, S/4 experts recommend taking advantage of the current disruption. The slowdown in activity offers a great opportunity for IT departments to undergo a more thorough examination of their legacy ERP and come up with a better ecosystem that delivers greater business value.

The biggest challenge they face: convincing business leaders their S/4 project should move ahead.

TechTarget

🔊 Subscribe to our podcast

Categories
Horizon 2050

Nadia — Chapter IV

Follow the story of Nadia, a quantum security expert in 2050 London

Nadia, a story by Miquel Morales.

Jumping in now? Catch up with previous chapters.

Chapter IV

“You know, it’s not the first time I deal with the likes of you. Nor it will be the last, for that matter.”

The woman had a distinctive voice. Coarse, yet sharp as a whistle. A slight lisp and the way she pronounced the ‘r’ betrayed her as a non-native English speaker. Eastern Europe, maybe? Hard to tell.   

“Scoundrels. Corporate leeches who would rather put their energy to nefarious use than do their actual job. Tell me: what was it, how did they get to you? Money? It’s usually money. Perhaps the promise of a shiny new job?”

Nadia tried to keep a steady face despite the woman’s determined scrutiny. A plain metallic table separated the two of them in the middle of an otherwise empty room. Exactly how one would imagine an interrogation room to look like.

“Excuse me, where exactly are we?” It had been a relatively short ride to whatever that place was, but the back of the van they had put her in had no windows. In any case, they couldn’t have gotten further than a few blocks. Somehow, the secrecy of it all made Nadia think it had less to do with the actual police and more with someone else’s particular idea of justice. Ugh, so stupid. If only she had made it for the elevator a couple of seconds earlier, the policeman’s hand wouldn’t have been able to stop the doors from closing. Guess no one is naturally prepared to run from the police at a moment’s notice.  

“Ah, she speaks!”

“I do!” said Nadia with a mocking smile. “And I can tell you right away that I don’t have the foggiest idea of what you are talking about.”

“Funny, because your friend said quite the opposite.”

“My friend?”

The woman pulled up some information on her bracelet’s screen.

“Mr… Tom Schultz. Ah, chatty fella.” Wait, how was Tom involved in any of this? “We know you stole the RayStar duplos, so let’s go straight to the point, please.”

“What?” It was impossible to hide her surprise this time around. “I did not do such… Wait. Are you even police?” Definitely not. This has RayStar written all over it.

“Who is paying you?” The woman was clearly starting to lose her temper.

The door opened and a man in a suit walked in. He leaned on to whisper something in the interrogator’s ear.

“We’re not done here,” said the woman as she reluctantly stood up and followed the man out of the room. The door locked with a beep.

Nadia finally let her guard down and allowed her body to show how nervous she really was, her right foot going up and down in an endless loop. She wished they hadn’t taken her earpiece. She could’ve used Ziza’s help with going through the events of these recent days. The duplos. But EVE had not gotten even remotely close to that data. She couldn’t have the way the system was designed. Especially not with that useless hidden attachment strategy. Plus, EVE’s target had always been the proprietary security algorithms of Nadia’s company. Or at least Nadia had assumed so, given her interest in getting close to the quantum encryption core systems. No, they must have made a mistake. Nadia hadn’t messed around with the duplo dataflows at all. Someone else had to be behind all this. Or had she missed something? She would just tell them about EVE, the attachments, the kidnapping of her sister… The door opened again. It was…

“Tom?! What on Earth…”

“Nadia, listen. There is no time.” He was all sweaty and dishevelled, his eyes full of fear behind the colourful glasses. “They know everything, they figured it all out. I’m so sorry. They had Hao’s file, and they said they would…”

“Tom!” Nadia grabbed him by the shirt and tried to shake him into making some sense. “What is going on? What are you doing here, and what did you do?”    

 “I… There is no time! They will be back any second.” He took her by the arm and the two ushered into a dimly lit hallway with concrete walls. “You need to get out of the city. Didn’t you have a friend up in Coventry? “

“I do. But my sister…” They were now running through a maze of corridors across what seemed like the basement of a large building.

“Your sister is fine, don’t worry.”

“Wait, how do you…”

“She’s fine Nadia! You need to worry about yourself right now.” Voices and steps could be heard some distance behind them. The guards were in pursuit. And getting close.

“Where is my sister?” They reached a fire escape door and Tom cracked it open, prompting the alarm to go off. The light of day filtered in, momentarily blinding Nadia.

“Remember the party the other day? Wait until nightfall and head there. You will understand everything once I’ve also left you an untraceable paycard. You shouldn’t use any of your accounts until I contact you. Not until we clear our name.”

“Tom – where is my sister!”

“Where she has been all this time. At her place.”

“What!”

“Trust me Nadia, I’ve got a plan.” He reached inside his shirt’s chest pocket and took out Nadia’s earpiece. He handed it to her and pushed her towards the door. “Now go! I’ll keep them for as long as I can.”

Flooded with questions, Nadia rushed out into a quiet back alley and started running without looking back. A shot could be heard in the distance.

To be continued…

Read the next chapter: Nadia — Chapter V

Join our talent community

Need tips on how to find a job in IT? Check out our IT job hunting guide.