Ben Johnson, former NSA and Chief Technology Officer (CTO) of SaaS application security firm, Obsidian, has found that businesses around the world are adopting Software as a service (SaaS) apps in droves for collaboration, ease of access to data and business continuity. With this increased adoption, comes the inevitable trend of state-sponsored actors merely logging in to steal data rather than having to break in. Here, Johnson talks to Security magazine about security issues associated with SaaS applications.
We have all been served by a surly retailer whose made us feel that their job and life would be easier, if it weren’t for the customers. Alas, sometimes it feels the same applies in cybersecurity. Life would be so much better, if not for those pesky employees.
The recent ransomware attack of the Colonial Pipeline has reinvigorated calls from legislators to strengthen the defenses of U.S. pipelines and the electric power grid. Over the last several years, a repeatable pattern is becoming apparent with each major cyber-attack. A critical cyberattack occurs that is followed by outrage that result in statements from government leaders with calls for action - all followed by proposed ideas on how to better mitigate the risk of cyberattacks in the future. Yet, it seems that time goes by and with the next major attack the cycle starts all over again. This time, government is taking a more rigorous approach to proposing solutions to end the vicious cycle.
In the tense political and economic climate, state-backed actors have used every possible means to gain leverage over their rivals. And in the midst of the chaos, every individual and organization can become a victim or collateral damage in the context of bigger conflicts. Here’s a glimpse of where we are and how organizations can protect themselves going forward.
Conti ransomware gang appears to be behind Ireland's Health Service Executive (HSE) ransomware attack, according to reports. HSE, a $25 billion public health system, shut down its IT systems to protect the service from further damage, switching to a paper-based system. Though life-saving equipment and COVID-19 vaccine programs were still operating, several healthcare practices across Ireland were forced to cancel low priority appointments.
Ransomware is nothing new. But the tactics, techniques and procedures (TTPs) leveraged by threat actors have reached new levels of sophistication over the last few years. And with that growth has come an increased difficulty in protecting networks against costly attacks such as the recent DarkSide one on the Colonial Pipeline.
Healthcare businesses are already reeling from massive losses during the pandemic, and cyberattacks could cause further long-term damage beyond the initial attack. Research at Morphisec indicates that almost 3-in-10 consumers say they would consider switching providers if their records were breached in a cyberattack. Considering that same report found that 1-in-5 Americans say a cyberattack has impacted their healthcare provider in the past year, it’s undoubtedly worrying news for the entire industry. With this in mind, here are three avenues hackers are likely to exploit as healthcare becomes a more attractive target and what providers’ need to do to protect their sensitive data and safeguard the lives of their patients.
The social and economic impacts of political violence don’t often match. Terror attacks can accomplish their main objective of striking fear into a local population while not significantly interfering with commerce, and broad waves of unrest have the potential for supply chain disruption, local business closures lasting for days, and repair and remediation that can become quite costly. There’s a third category that doesn’t get enough attention in policy and academic circles: insurance industry losses.
A recent survey conducted by Rave showed that only 22% of respondents completely trust the information they receive from local officials. Many factors – such as the spread of disinformation, social unrest and the ongoing pandemic – likely contribute to this low level of trust. However, it still poses a big problem to local leaders who are trying to keep residents safe – especially during the ongoing pandemic. We connected with Todd Miller, SVP of Strategic Programs at Rave Mobile Safety, to talk about how local governments and organizations can go about re-building trust in their communities by communicating effectively with residents.
Establishing operational resilience in the face of cyberattacks has become a top priority for organizations. As a core component of the IT infrastructure, Active Directory (AD) must be at the center of that process. But who is responsible for ensuring Active Directory is both protected and can be recovered quickly when a cyberattack occurs? In many organizations the answer is not clear, which can lead to missteps in detecting, defending against, and responding to cyberattacks.