Cybersecurity Roundup: School Attacks, Kaspersky, Juniper Networks, SafeBreach
… with the knowledge sharing culture of universities. Insider attacks, too, are difficult to stop. So avoiding all the different attack vectors is difficult and expensive and almost counterproductive.”
There’s money to be made from these attacks on both sides of the law, Slaby said. Cybercriminals caused $8 billion worth of damage with ransomware attacks last year, according to Risk Based Security, and a big chunk of that was in ransoms collected.
The rise of ransomware-as-a-service – where smart criminals create the malware, and enlist an “army of dumber criminals” to distribute it – has yielded $250 ransomware kits on the dark web, a pretty low startup cost for the bad guys, Slaby said.
“That means that ransomware is going to continue to grow and hit vulnerable targets like schools and city governments, and rich ones with big stakes in maintaining uptime like banks, hospitals and factories,” he said. “From the good guys’ perspective, there is a lot of value to deliver in helping defend customers against ransomware and other surging malware types. The channel is in a great position to manage this problem; you can attract and retain better security people (by offering them a more interesting variety of projects and a better career path than the typical school district, for instance), and you have scale advantages that let you deliver cyberprotection services more cheaply. It’s a shame that cybercrime is booming this way, but if you’re going to profit from it in any way, better to be on the side of the heroes.”
There’s a huge opportunity for VARs, MSPs and MSSPs to deliver a suite of services that combine all the best anti-ransomware defenses – backup, disaster recovery, leading-edge antimalware defense, secure file sync and share services, and blockchain-based file authentication services, to name just a few — into a “very profitable and sticky” offering, Slaby said.
“And they can wrap other services around them, too, like security awareness training, design and deployment, pen testing [and so on],” he said. “It’s a very ripe time to get into that business, or stretch into it from your existing footprint.”
More and more SMBs, as well as state and local governments, will realize that cybersecurity is something that cannot be covered with a small internal team — and this includes for their school districts, Ray said.
“Organizations that have a web presence, databases, file servers, e-mail, collaboration tools [and so on], simply will not be able to hire experts for all of these security needs,” he said. “They must outsource much of their security to companies that provide the expertise via security professionals that deal with cyberthreats across many companies daily. There has been and will continue to be a lack of skilled cybersecurity professionals available in the industry. Those that can pay the most and provide the best benefits will get the best talent. Much of that talent will be in the business of providing that expertise as a service.”
Financial Malware Reaches 430,000 Users
Kaspersky researchers have discovered 430,000 users faced malware aimed at stealing finances, cryptocurrencies and web-money services in the first half of 2019, 7% more than in the same period last year. More than one-third of those affected were …