Press "Enter" to skip to content

Security: Mobile, cloud SaaS, SMBs, and more

CheckPoint’s Global Threat index is out – yes, there’s a surge.  Cyberattacks in the Americas are up 70 percent year over year, 97 percent in EMEA and 168 percent in APAC.   Trickbot is the top cyberthreat.  All this data for May 2021.

So good timing then that the White House has appointed the first cybersecurity director.  This happened late last week.  

Turns out those ransomware payments may be tax deductible in the US.    The AP has a piece interviewing tax experts, and that’s the sentiment.  Check with your own team, of course.      Good to know as a Fake DarkSide gang is out there – impersonating the now defunct group in fake extortion emails.  

Google has unveiled a framework called Salsa – that’s Supply chain Levels for Software Artifacts.  It’s intendent to help prevent supply chain attacks, as a way of ensuring software builds are not compromised. 

Want to learn about another way hackers make their money?    Last week was the news of the Electronic Arts breach … part of how they got in was buying a cookie for $10 to log into an EA slack.    And where does that happen?  Genesis Market, a marketplace for criminals to buy and sell services. 

Mobile is a target.   In a global shift to remote work, more than three-quarters of IT decision-makers said their organizations were more vulnerable to cyberattacks against mobile devices compared with a year ago, according to a survey by Sapio Research commissioned by Menlo Security.  Phishing has been the most common form of attack over the past 12 months, according to 71% of survey respondents. The survey showed 73% of IT decision-makers believe end-users are more susceptible to mobile attacks than they were five years ago. More than half of participants said it’s impossible for organizations to be ready for all the tactics used by malicious attackers targeting mobile devices. For 38% of respondents, it’s impossible to keep up with the pace of cyberattacks targeting mobile.

New research from SaaS Alerts too – their SaaS Application Security Insights.   Businesses average 80 SaaS apps on average, and SaaS Alerts reports an average of 3,000 brute force attacks per day, with top countries of origin as China, Vietnam, Brazil, Russia, India and Pakistan.

Arctic Wolf reports their new report on the ability of small companies to fend off attacks – unsurprisingly, it’s not good.   73% of respondents thought their workforces could not fend off a cyber attack; just over one-third – 39% – felt overwhelmed by the volume of alerts received from their existing security solutions; and just over half – 55% – said they regularly deprioritized cyber issues in favor of continuing core business activity.

And, turns out Microsoft’s number of vulnerabilities IS increasing.  Research from Beyond Trust shows that the number has risen by 48% compared to 2019.

Why do we care?

Overall attacks are way up.  Vulnerabilities are too.   Everything’s a target, and assuming systems in the cloud solves the problem is naïve.  

And people continue to be the biggest risk.   Don’t get me wrong, solving this is clearly an opportunity, and even more so in the SMB.  But it’s not a slam dunk, and it’s about risk management more than selling products.      

Those that approach this differently are going to find success… mostly because the same old stuff doesn’t work.