Insights blog.

Given the recent security breaches and reported hacking attempts, it is increasingly important for companies to have a handle on their most sensitive data. Sensitive data can include employees’ personal information, customer information, trade secrets, and other types of data that would cause internal breaches to company information if obtained by a hacker. To identify your organizations’ sensitive data points, refer to our recent article highlighting 5 examples of sensitive data.

Working from home introduces significant cyber risk to any organization. However, recent events reveal that it’s not a case of “if” but “when” bad actors will exploit the rampant vulnerabilities on home networks.

This week the New York Times released a report warning that a group of Russian hackers going by the name “Evil Corp” has been attempting to exploit the rampant vulnerabilities presented by the US workforce shifting to working from home at remote offices, raising fears that major U.S. brands, news organizations, or even election systems could be disrupted with ransomware attacks. The research, conducted by Symantec, revealed that 31 large U.S. corporations, including Fortune 500 companies and news organizations, have fallen victim to Evil Corp, and those are just the ones we know about.

“Celebrity” vulnerabilities like BlueKeep attract the attention and resources of security teams, often hogging the spotlight, allowing other, less visible, but just as dangerous, weaknesses that could be exploited by bad actors to go unnoticed. IoT devices are a perfect case in point.

Last year’s Capital One data breach ranks as one of the largest confirmed breaches ever, exposing the personal data of more than 100 million Capital One customer accounts stored in the cloud.

For years cybersecurity spending has experienced stratospheric growth. Then COVID-19 hit and forecasts took a grim turn. 

While many companies have succeeded in creating a sustainable remote workforce, this “new normal” environment remains particularly challenging for security operations teams. Accustomed to working in a physical security operations center (SOC), where collaboration and teamwork is key, security teams must find ways to operate efficiently while working from home.

This week the 13th edition of the Verizon Data Breach Investigations Report (DBIR) was released, which is usually a hallmark event of the cybersecurity world. As we have been in previous years, Bitsight is proud to be a data contributor to the report. After taking some time to give it an initial read through, however, one thing stood out loud and clear to us: how little has changed after 13 years.

As the U.S. biomedical community rushes to combat COVID-19, the FBI announced last week that, in a bid to win the race for a vaccine or cure, state-sponsored Chinese hackers are targeting U.S. researchers in an attempt to “obtain valuable intellectual property and public health data related to vaccines, treatments, and testing.” 

The COVID-19 outbreak has seen the roles of many cybersecurity professionals change — and many worry what it will mean for protecting their organizations from attacks.

When people talk about cybersecurity risks, the first area that normally comes to mind is malware. Some might even consider that it’s the worst event that can happen, as it normally indicates that a malicious actor has already bypassed the layers of security and now has free-reign to do what they want. The circumstances that led to the compromised systems, however, often tell a larger story. Issues like EternalBlue and BlueKeep require prompt response by system administrators in order to minimize the risk posed to their attack surface. Vulnerabilities often represent unpredictable changes of an organization’s attack surface that increase the risk of breach and compromise where the organization has to react accordingly based on their response plans and internal processes.

We used to think of malicious software — or malware as it’s more commonly known — as a threat to laptops and desktop computers. But as we are increasingly using mobile devices for many important things in our daily lives such as banking, cybercriminals are targeting smartphones and tablets more often. Consequently, Apple iOS and Android, which are the most popular mobile operating systems, have become targets for cybercriminals. Android still remains the most targeted because it has more market share and it’s open source, contrary to its direct competitor.

In a matter of weeks, the COVID-19 pandemic has established a “new normal” in society. But it has also rapidly shifted the business of cybersecurity. 

During the period of March 2020, we looked at a sample size of 41,000 US-based organizations to understand the difference between corporate networks and Work From Home-Remote Office (WFH-RO) networks from a cyber-risk perspective.

As the COVID-19 pandemic sees millions of employees shift to a work-from-home model, collaboration tools like Zoom and Slack have never been more critical or popular. Zoom is currently experiencing a 378% year-over-year growth in its daily active user count and was downloaded 2.13 million times in a single day as lockdowns went into effect worldwide.