A recent report by anti-virus and IT security firm Symantec has found that the UK has the world’s highest rate of malicious email traffic designed to carry out cyber attacks on users and businesses. Detailed in their 2015 Internet Security Threat Report, Symantec found that in the year of 2014, 1 email in every 79 sent to UK businesses were designed to maliciously hack their IT systems. This represented a 61% increase from 2013 and a rate over twice as high as the nearest country, Saudi Arabia. Malicious emails can use social engineering or malware embedded in the message to trick administrators into handing over access to business data such as customer information or commercial accounts. The report clearly demonstrates the high level of risk posed to UK businesses, particularly those who do not have the IT resources to effectively screen malicious emails as well as spam. Without adequate protection and risk assessment, it is clear that the financial and operating risks to UK businesses are only increasing.
The specialist IT cyber security firm FireEye released today the findings of an investigation into a China-based hacking group that has been working undetected for over a decade. The group has been named as ‘APT30’, short for ‘advanced persistent threat’, and has targeting Southeast Asia-based businesses and government departments in order to break into their networks and steal confidential documents. The group is suspected of working from within Chinese government intelligence. What is especially interesting is that the group is using high-sophisticated software designed to steal documents from computers disconnected from the internet (also known as an ‘air gap’) and moving the files to internet-connected computers so they can be uploaded back to the attackers. While this group represents the state of the art in cyber attacks, it is only a matter of time before cyber criminals copy these techniques and use them to target businesses for profit.
Read the fascinating report in full at FireEye:
Specialist computer security firm Veracode has warned businesses that new internet-linked devices like thermostats and security cameras often do not have security built-in, making it easier for hackers or cyber criminals to break into their IT systems or spy on their premises. Nicknamed the ‘Internet of Things’, the new generation of business products are linked to an internet connection, giving business owners the convinience of accessing them outside the network. However, Veracode has studied six popular devices used by businesses and consumers and found them vulnerable. For example, the Ubi light system, which allows users to turn off lights at premises remotely, can be used by criminals to work out when a premises is most likely to be empty and unguarded. They also discovered vulnerabilities that would allow a hacker to install spyware into installed devices. The report demonstrates how the potential benefits of new ways to connect businesses to IT systems also come with new risks.
Read the full article from Computer Business Review at: