The Briefing on Cybersecurity

The latest news, trends and data from the cybersecurity industry

In Data:

Cybersecurity News in Numbers

32%

The percentage of UK adults who would like to use biometric identification to access online accounts instead of passwords, according to research by Callsign. In the US the number is 27%. Traditional passwords remain the most popular, but now have less than half of the vote on both sides of the Atlantic.

$1,200

The amount digital code signing certificates are now sold for on the dark web, according to research conducted by Venafi and the Cyber Security Research institute. The certificates are used to verify the identity and itegrity of computer applications, making them a valuable tool for the proliferation of malware on both consumer devices and enterprise networks. 

71%

The percentage of UK businesses that do not have dedicated cybersecurity insurance, according to research by NTT Security. This makes the UK one of the weakest markets. In the US, for example, 53% of businesses have cybersecurity insurance. 

75%

The rate that data breaches reported to the UK's Information Commissioner have increased over the last two years. This is according to a Freedom of Information Act request made by Kroll. It is possible that some of the increase is due to a rise in reporting ahead of GDPR as opposed to an increase in incidents. 

********

23%

The percentage of employees at UK-based small and medium businesses that primarily rely on portable data storage, according to research by Seagate. This means USB drives are their main method of storing company data, despite being easy to lose or damage. 

Campaign Alert:

Emerging attack campaigns

AdvisorsBot

The telecommunications and hospitality industries are being targeted by a new attack campaign that uses carefully tailored malicious emails, such as notifications of food poisoning sent to restaurants. The campaign was first identified by Proofpoint in May of this year.

Thrip

An attack campaign dedicated to cyber espionage activity has been identified by Symantec's Targeted Attack Analytics technology. The campaign has infiltrated satellite communications, telecoms and defense organisations in the US and Southeast Asia. It is thought to be being conducted by a group in China dubbed Thrip.

Cobalt Dickens

A large-scale phishing campaign targeting US universities has been uncovered by Secureworks' Counter Threat Unit. It is believed to be conducted by Iranian group Cobalt Dickens and appears to have been designed to access private data held by the insitutions.

Lazarus Group

North Korean hacking organisation the Lazarus Group, which was behind the infamous Sony hack, has launched a trojan targeting computers running Mac OS. The trojan, which was uncovered by Kaspersky, is thought to be targeting cryptocurrency exchanges.

Share this article