This week we saw a detailed report exposing a cyberespionage campaign driven by a suspected Chinese hacking group, APT10; a lack of cybersecurity resources is forcing cybersecurity departments to ignore security alerts; and targeted ransomware is becoming the preferred tactic for ransomware attackers.

 

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

Cyberespionage

APT10, a hacking group, is being investigated over a global campaign targeting MSPs

 

Why is this significant?


  • PwC and BAE Systems collaborated in the investigation and published a report detailing what is being dubbed “Operation Cloud Hopper”.
  • This global campaign targeting MSPs is being called “one of the largest ever sustained global cyber espionage campaigns”. The group behind the attacks is purportedly China-based and has compromised firms in Japan, the UK, France and the US.
  • On the topic of cyber-espionage, on the eve of U.S. President Trump meeting Chinese President Xi Jinping this week, it was published that "Scanbox" malware was found embedded in pages of the US National Foreign Trade Council (NFTC) website, indicating use for cyberespionage by a Chinese nation-state group.

 

Read the full story in Infosecurity Magazine

 

 

Cybersecurity Alerts

Due to a lack of cybersecurity staff within organizations, 54% are forced to ignore security alerts.

 

Why is this significant?


  • In this survey of 150 IT and cybersecurity pros, 35% found it difficult to stay on top of cybersecurity alerts, and another “bottleneck” occurs with nearly 30% of the respondents struggling with security operation tools not integrating properly.
  • Attacks are growing at a rapid pace. In Q4 2016, new cyber threats were found to hit at an alarming rate of 1 every 3 seconds.
  • Plans for 2017 – “39% of respondents in ESG's survey said they plan to invest in processes and technologies to automate security operations related to incident response. More than one-third (35%) plan to invest in threat detection technologies.”

enSilo has 1 alert = 1 active threat, reducing the number of alerts. Learn more here

Read the full story in Dark Reading

 

Targeted Ransomware

Ransomware attackers are shifting gears and going for more defined targets: corporations.

 

Why is this significant?

  • Generic ransomware is getting more specialized and moving through corporations laterally. The ransom demand is increasing from a couple of hundred dollars to thousands of dollars, depending on the value of the data at stake.
  • A targeted attack that gets in directly through spear-phishing campaigns or vulnerable servers is known to infect servers and go undetected for up to six months at a time.
  • A firm has identified 8 groups that have amounted to over $500,000,000.

Learn more about Targeted Attacks in this educational video: Targeted Ransomware

 

Read the full story in ZDNet