Archive for October 4, 2024

Travelers Canada Risk Index Features Cyber Threats as the Top Business Concern

Posted in Commentary with tags on October 4, 2024 by itnerd

The Travelers Companies, Inc. today announced the results of the 2024 Travelers Canada Risk Index, showing cyber threats as the leading concern among business leaders for the second consecutive year. The survey, which was first published in 2023, asks business decision-makers from small- and medium-sized Canadian companies across various industries about the issues that worry them most.

Nearly two-thirds (65 per cent) of respondents said they worry somewhat or a great deal about cyber risks – an increase from 61 per cent last year. Cyber concerns were followed this year by broad economic uncertainty (62 per cent), the impact of the global economy on their companies (58 per cent), financial issues (57 per cent) and supply chain risks (56 per cent).

Cyber Coverage

Two-thirds (66 per cent) reported their companies have purchased cyber insurance, a decrease from 72 per cent a year earlier. Among those who said that their companies did not purchase a cyber policy, 32 per cent indicated it was due to the cost of coverage, and 29 per cent said it was because their companies already have adequate protection in place.

Cyber Incidents

Nearly three in 10 respondents (29 per cent) said their companies or organizations have experienced a cybersecurity event. Medium-sized businesses (36 per cent) were more likely to have suffered a cyber incident than small businesses (20 per cent).

Nearly one in five (19 per cent) admitted their companies experienced a cyber event but did not report it, due largely to fear of damaging their brand or compromising intellectual property.

The most common type of incident was a security breach (36 per cent), where someone gained unauthorized access into a company’s computer system.

Top Cyber Concerns

Eighty-four per cent of respondents agreed having proper cyber controls in place is critical to their companies’ well-being.

The top cyber-specific concern was an unauthorized user gaining access to company banking accounts or financial control systems – up from sixth just one year ago – with 60 per cent of respondents citing it as a worry. Additional cyber concerns included:

  • The potential for compromise, theft or loss of control of customer or client records (59 per cent).
  • A security breach where an unauthorized user gains access to computer systems (59 per cent).
  • A system glitch or error causing computers to go down (58 per cent).

For more information about cyber insurance coverage options with Travelers Canada, click here.

About the Survey

Hart Research conducted a national online survey of 1,000 Canadian business decision-makers August 7-19, 2024, regarding their top challenges. The Travelers Canada Risk Index survey was commissioned by Travelers.

Leave a comment »

70 Countries Attend Counter Ransomware Initiative And Release Response guidance

Posted in Commentary with tags on October 4, 2024 by itnerd

This week, cybersecurity experts from almost 70 countries are attending the fourth annual International Counter Ransomware Initiative meeting at the White House, and yesterday, the UK and Singapore released a voluntary guidance document designed to help victims respond to ransomware attacks and minimize the impact.

Under the new voluntary ransomware guidance, victims are encouraged to:

  1. Report attacks on a more timely basis to law enforcement agencies
  2. Record incident response decisions and data captured for post-incident reviews
  3. Involve more advisers such as cyber insurance carriers and other outside firms that can assist 
  4. Consider if the decision to pay the ransom “is likely to change the outcome”
  5. Review local regulatory requirements for compliance

“External experts such as insurers, national technical authorities, law enforcement or cyber incident response companies familiar with ransomware incidents can improve the quality of decision-making,” according to the new guidance. 

During the event, the participants tackled several initiatives including:

  • The completion of a project on secure software and labeling principles
  • The launch of a member portal by Australia for information sharing 
  • A new U.S. government fund to strengthen members’ cybersecurity capabilities

Morten Gammelgaard, EMEA, co-founder, BullWall had this comment:

  “The International Counter Ransomware Initiative is important, and the steps taken are crucial for improving the worlds collective response against ransomware. The new initiatives coming from the meet, together with new regulatory requirement for better Ransomware resilience will help to drive the fight against Ransomware.

  “However, Ransomware continues to successfully bring down organizations at pace. The world is experiencing a level of disruption and business risk from Ransomware never seen before, and the overall loss from ransomware is at an all-time high for the last 4 years. Some companies fare better than others when attacked and are therefore able to recover faster with less cost. Often, these are the companies that invest in being resilient. Ransomware resilience is directly related to:

  1. The strength of the backup systems and are they available after the attack. Often the organizations that fare well have multiple different options in use such as Cloud back up and Tape backup.
  2. How many files are encrypted during the attack. The less files encrypted the quicker the restoration and recovery time, which means, if the attack can be contained quickly, a organization can recover quickly 

   “Too few organizations test run restoring millions of files and therefore they don’t realize the time and costs associated with the process until it is too late. As a result, they often encounter very high recovery costs when attacked successfully. Companies must adopt an “Assume Breach” posture as all attack can no longer be prevented.

Here’s the thing. Making sure that your organization is in a place where you never have to pay the threat actor is not just good for you. It’s good for all of us as crime shouldn’t pay. I encourage organizations big and small to look at this document and follow it. And if that’s not enough, there’s a broader document which you can read here which gives additional guidance that is useful.

Leave a comment »

Wayne County Pwned In A Ransomware Attack

Posted in Commentary with tags on October 4, 2024 by itnerd

According to local media, Wayne County government has been dealing with a ransomware cyber attack that has taken many services offline since yesterday.

“The county information technology team is aware of a cyber incident targeting some internal systems. We are currently investigating the scope of the incident with our cybersecurity partners which include the FBI and Michigan State Police,” county spokesman Doda Lulgjuraj said.

The full scope of the cyberattack is not fully understood, but for example, at the Sheriff’s Office, jail inmates could not be bonded out as the servers were comprised, and defense attorneys said they couldn’t schedule visits with their clients following the hack.

The Register of Deeds Office closed due to the hack so residents weren’t able to record real estate sales or obtain property records. Furthermore, the Treasurer’s Office reported that tax payments could not be collected online and needed to be made in person.

It is not clear who is behind the attack, but a source says the hacker has made a ransom demand.

Steve Hahn, Executive VP, BullWall:

  “In the last two years Cities and States have moved up as one of the top targets of Ransomware gangs. Most of these gangs are Russian based and as such they view their attacks as a financial element but also as vehicles to disrupt essential services, seed chaos, exacerbate inflation and cause maximum loss of life. When cities, states or counties are hit, essential services like 911 are often impacted and often times, like as was the case for the City of Oakland, they will need to declare a state of emergency. The threat actor also knows that these government bodies do not have the people, staff or tools to stop their attacks. With enough patience and focus, they can take down cities and state services all across the US. Hundreds have been hit in the last two years alone.

  “As we head into the holiday season, threat actors will increase attacks dramatically. A vast majority of attacks take place during off hours and holidays so IT staffs have less ability to respond. We expect to see an unprecedented level of attacks as conflicts continue to rise and tensions with Russia continue to increase.

  “Too often Cities and States think they can prevent these attacks just with traditional security tools like gateways, firewalls and Endpoint Security. The reality is a determined threat actor with patience will find the crack that gets them in. This is why we’ve seen a 200% increase in successful ransomware attacks in the last two years and also why cities and states need to adopt an “when not if” strategy to these events and understand how to contain and recover from them quickly to minimize disruption.”

The phrase “stop the madness” comes to mind as it is madness that we keep having situations like these when organizations should be taking precautions to not get pwned. This honestly needs to end as the continued rampage of threat actors pwning all the things is not something that we can allow to become part of our everyday lives.

Leave a comment »