Last week, a massive wave of spam email that infects victims with a new type of ransomware, dubbed "Jaff", flooded networks across Europe, North America and Australia. Estimates put the number of malicious emails in the tens of millions.
This article previously appeared on Information Management. Mordechai Guri is Chief Science Officer at Morphisec.
National Cybersecurity Awareness Month closed by focusing on scenarios straight out of action movies and nightmares – attacks on our critical infrastructure. These days, however, the threat is more likely to come from an innocent seeming email than bomb-toting terrorists à la Die Hard.
Utilities, hospitals, transportation systems, and all the other systems our communities and countries depend on are increasingly digitally controlled and connected. This brings tremendous productivity and reliability gains: better alignment of supply and demand, predictive maintenance planning, predictive outage response, instantaneous sharing of vital data and more. In some cases, like health care, it can make the difference between life and death.
Last week I had the pleasure of speaking at the Israeli Dealmakers Summit in Silicon Valley. With over a thousand of the world’s top corporations, investors and entrepreneurs, it’s known as the largest and most prestigious Israel-focused business event. While it was exciting to participate, the real privilege was to be able to help showcase the innovative ideas and technology coming out of Israel.
Imagine this. You are in charge of public health and must deal with an unrelenting epidemic. You have two options for protecting the population.
The first option is to monitor each person for symptoms of infection. You buy analytical technology and infrastructure, hire staff and build hospitals. You send forth specialists to monitor everyone. When they notice symptoms, more tests are performed. The symptoms are
subtle (fatigue, headache, stiffness), and healthy and sick people look a lot alike, so to be on the safe side you test far more people than are truly ill. Once you suspect infection, you quarantine the person and start a course of treatment. Sometimes the people are cured. Sometimes they are not. You can’t guarantee that you will find everyone who is infected. Or that everyone you treat is ill. The monitoring and mandatory quarantine intrude on civil liberties, disrupt lives and interfere with the economy. To compound matters, the disease mutates, so you have to continually design new screening tests and retrain the specialists.
One of the biggest cybersecurity events of the year, held in one of the most beautiful cities in the world, is almost upon us. The 2017 RSA Conference in San Francisco opens next week, and Morphisec's top experts will be on hand to discuss your security and business challenges. Learn more about Morphisec Endpoint Threat Prevention – the first and only solution to use Moving Target Defense technology to prevent zero-days, evasive malware, ransomware and advanced attacks in real-time.
Hedge funds are coming under increasingly heavy fire from attackers and regulators alike. A 2015 report issued by the SEC that examined more than 100 financial companies found that 88 per cent of broker-dealers and 74 per cent of investment advisers have experienced a cyberattack directly or through one or more of their vendors.
Morphisec brings its team of cyber security experts to CyberTech Tel Aviv next week, January 30 to February 2. Meet the faces behind the pioneering Moving Target Defense technology that’s disrupting the endpoint security field.
Today, a few hackers may be ideologically motivated, but the majority of attacks are financially-driven crimes. This is seen most clearly in the rise of ransomware; no mystery, just pure and simple extortion. And consider the latest victim of choice, the healthcare industry, sacrosanct in most people’s eyes but merely a lucrative, vulnerable target to cybercriminals. As such, cybercrime follows the economic rules of any business – reward must outweigh costs – and should be confronted on those terms.
Welcome to 2017! What should we expect in cybersecurity in 2017? Our final post of cybersecurity predictions is from Adrian Asher, CISO for the London Stock Exchange Group and Morphisec Advisory Board member. He looks at upcoming developments in several key cybersecurity areas and offers some suggestions for moving forward.
This is the second blog post in a series of excerpts from the ebook (download here) “Know Your Cyber Security ROI: Making the Business Case for Cyber Security.” The first post introduced the concept of cybersecurity implicit ROI and the factors that determine the expected value of your cybersecurity operations. It also outlined the three attack phases and the correlation between attack phase and organizational cost.
This post examines the first attack phase and the costs associated with precautionary measures during this phase:
Organizations employ many precautions and actions in the attempt to block cyber attacks. Such measures can require significant time and resources to implement as well as maintain. This class of tools includes endpoint security solutions such as anti-virus, protection and detection systems as well as gateway solutions.
Every enterprise includes software patching as part of its security system to some extent. Because of its widespread use and marked impact on business processes, we will examine patching as an example of direct and indirect costs to your organization.