As the holidays near, with Black Friday and Cyber Monday approaching, retailers should be prepared for an increase in malicious infiltrations. With cyber attacks involving IoT devices also on the rise, cybersecurity guru Bruce Schneier stated in front of Congress that "there's real risk to life and property, real catastrophic risk." And the Adult FriendFinder site was compromised in what could possibly be the biggest breach recorded.

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

Cyber Monday

The holidays are approaching and "Cyber Monday" is another reason why retailers should be increasing their cybersecurity efforts.

Why is this significant?

  • The increase in retail sales for Cyber Monday was slightly over $3 billion in 2015. Cyber Monday sales are expected to increase this year, and the day is considered the largest revenue day of the holiday season, which in turn makes it a target day for hackers.
  • Where there is money and vulnerabilities, hackers always find their way in. Retailers, however, are more interested in investing in ROI than in cybersecurity. The reality is that "89% of retailers have experienced a data breach in the past two years."
  • "According to the KPMG Cyber Services 'Consumer Loss Barometer' nearly 20% of consumers say they would stop shopping at a retailer if they learned that a retailer had experienced a hack." Of the remaining 80%, 49% say that it will take at least ½ year to regain their trust.

    Read the full story on DarkReading

Cyber Security + Congress = ?

Bruce Schneier appeared before Congress to speak on the importance of the U.S. government mandating cybersecurity on IoT devices.

Why is this significant?

  • Most recently, the world has experienced attacks from the internet of things in the form of massive distributed denial-of-service attacks. Schneier emphasizes that with anything connected to the internet, such as cars, airplanes, thermostats and appliances, "there's real risk to life and property, real catastrophic risk."
  • IoT devices are low-profit products with very little cybersecurity, and the sellers/customers of IoT devices have no initiative to fix them.
  • Congress pushed back, stating that many IoT devices are manufactured abroad and that a mandate may threaten U.S.-made devices, killing the nation's chances of being a world leader in the IoT industry. "We don't want this to be an innovation killer," he added. "I don't think I want my refrigerator talking to some food police."
  • History is bound to repeat itself when it comes to an increase in DDoS attacks and other malicious attacks during the holiday season. Regulation will not resolve the current cybersecurity risks on IoT devices, but properly defining punitive actions, and enforcing them, would be a great start.

    Read the full story on ComputerWorld

Data Breach

It is reported that more than 412 million Adult FriendFinder accounts were compromised. If this number is accurate, it would make this leak one of the biggest breaches yet.

Why is this significant?

  • Data going back 20 years, including account information and passwords, was leaked. The exposed user data includes dates of last visits, browser information, IP addresses, email addresses, passwords, and site membership status from the Friend Finder Network websites, including AdultFriendFinder.com, Penthouse.com, and Cams.com. Apparently, 15 million deleted accounts were not removed from the Friend Finder Network database and were also exposed.
  • This is not the first time that Adult FriendFinder has experienced such a breach; in a 2015 breach, 3.5 million accounts were compromised. Last July, the adult hook-up site Ashley Madison was also hacked, leaking 37 million personal account details. The conclusion is that once a site has been compromised, the chances of it happening again are highly likely.
  • It seems as though adult hook-up sites are being targeted because of the information that they store. With credit card information, it is your credit that is at risk, and a credit card can be cancelled and replaced by a new one. That is not the case for sites such as Adult FriendFinder: they hold information that threatens a person's reputation, which is intimate and irreplaceable.

Read the full story on Washington Post