Data/Cyber

Companies face AI, deepfakes and other threats as cyber security continues to evolve

in

BY Richard Summerfield

As artificial intelligence (AI), deepfakes and other threats continue to evolve it is imperative that companies upgrade their cyber security systems as soon as possible, according to OnePoll and Gemserve’s new report: ‘Through the Cyber Lens: The Evolving Future of Cyber Security’.

The study surveyed 200 chief information security officers (CISOs) across the UK and Europe, assessing the readiness of CISOs to confront the evolving challenges in the cyber security space, particularly those derived from the burgeoning influence of AI, while also exploring their expectations for the future.

According to the report, CISOs are increasingly concerned about the use of deepfake AI technologies in cyber attacks. Eighty-three percent of respondents noted that generative AI will play a more significant role in future cyber attacks, with 38 percent expecting a significant increase and 45 percent anticipating a moderate rise in attacks utilising these technologies over the next five years. However, despite the imminent nature of the threat, only 16 percent of respondents believe their organisation has an excellent understanding of these advanced AI tools, and thus are likely unprepared.

“As the AI revolution transforms the landscape of cybersecurity, CISOs stand at the forefront of this change,” said Mandeep Thandi, director of cyber and privacy at Gemserv. “AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations against the volatile cyber threat landscape.”

Many CISOs also noted that they do not have the resources to face up to the many challenges they encounter. Around a third of respondents believe they lack the budget required to do their jobs most effectively, while a similar proportion are finding it difficult to recruit and retain staff with the right skills and experience.

A much higher percentage of respondents (92 percent) believe they have robust and tested incident management policies and procedures in place, but there are significant technology and knowledge gaps that should give cause for concern. Only 31 percent of respondents believe they have both security information and event management (SIEM) tooling and cyber threat intelligence, even though the majority of respondents (78 percent) expect the cyber threat landscape to become more complex and challenging over the next 12 months.

Going forward, CISOs will be hoping they are provided with the resources they need to help them navigate the challenging and uncertain future and reduce the efficacy of cyber attacks.

Report: Through the Cyber Lens: The Evolving Future of Cyber Security

T-Mobile suffers another data breach

in

BY Richard Summerfield

US mobile phone operator T-Mobile has suffered a data breach affecting 37 million customers - the company’s fifth such incident since 2018.

In a Securities and Exchange Commission (SEC) filing, the company noted that it “promptly commenced an investigation with external cybersecurity experts and within a day of learning of the malicious activity, we were able to trace the source of the malicious activity and stop it”. The company has launched an investigation into the breach, but explained that “the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network”.

According to T-Moble, the breach saw a bad actor use a single application programming interface (or API) to obtain limited types of information on customer accounts. T-Mobile said the hack did not expose payment card information, social security, tax, driver’s licence or other government-issued ID numbers. Passwords, PINs and other financial information is also believed to be safe, however the hack did compromise other information, including name, billing address, email, phone number, date of birth, and T-Mobile account number and information, such as the number of lines on the account and plan features.

The breach appears to have occurred in late November 2022, but T-Mobile did not become aware of the attack until 5 January.

“We understand that an incident like this has an impact on our customers and regret that this occurred,” the company said in a statement. “While we, like any other company, are unfortunately not immune to this type of criminal activity, we plan to continue to make substantial, multi-year investments in strengthening our cybersecurity program.”

T-Mobile has suffered a number of damaging cyber attacks in recent years. Before the most recent breach came to light, in August 2021 the company noted that a hacker had accessed information pertaining to 7.8 million existing customers, and more than 40 million former and prospective customers, including social security numbers and driving licence details. That figure was subsequently revised upwards to around 76.6 million. T-Mobile is reported to have paid the hacker $200,000 via a third party to stop the data being sold on the dark web, but it was reportedly sold anyway.

The company also disclosed hacks in 2018 and 2019 and two other separate incidents in 2020.

Furthermore, in July 2022, the company agreed to pay $500m to settle class action lawsuits brought by those affected by the 2021 breach. The plaintiffs accused T-Mobile of failing to adequately protect customers’ data. As part of a settlement related to the breach, T-Mobile agreed to contribute $350m to cover legal fees and compensation, and to spend a further $150m on making improvements to data security and related technology.

News: T-Mobile’s $150 Million Security Plan Isn’t Cutting It

Cyber security: recession proof?

in , , ,

BY Richard Summerfield

Amid ongoing economic and geopolitical challenges, the cyber security sector remains strong, according to a new report from ICON Corporate Finance.

Thus far, the sector is proving recession-proof and remains a growth area, defying current troubling macroeconomic headwinds. As such, the cyber security sector is leading the way for M&A and fundraising activity in 2022, with deal activity for Q1-Q3 up 60 percent compared to 2020 for M&A and up 22 percent for fundraising.

The report notes that going forward, enterprises must recognise that they must continue investing in cyber defences regardless to protect against an increasingly sophisticated threat landscape, and because of significant geopolitical and economic uncertainty. This, in turn, is acting as a catalyst for M&A and fundraising deal activity.

According to ICON, the first three quarters of 2022 saw 353 cyber security M&A deals, with a total value of $125bn. As a result, the sector is on track to surpass pre-coronavirus (COVID-19) levels. With vendor platform consolidation, largely backed by private equity, being a chief driver behind the sustained deal activity.

Fundraising activity also remained in line with long-term trends, with $15.4bn of venture capital money invested in the sector globally across 572 deals in the first three quarters of the year.

“Enterprises recognise that they must continue hardening their security defences to keep above water in the arms race between good and bad,” said Florian Depner, director of ICON Corporate Finance. “Cybersecurity is mission-critical and companies have no choice but to keep investing given the uplift in malicious activity, and state-backed attacks.

“We also anticipate that Private Equity will continue injecting much-needed growth fuel into later-stage scale-up companies; a trend demonstrated by the BlackRock-backed $250m (£221.7m) investment in Swiss-based storage management and personal backup services provider Acronis.

“These factors, combined with Private Equity backing buy-and-build strategies and vendor platform consolidation, and the fact that the three-year cyber security index for public sector stocks rose 61.5%, while NASDAQ rose just 35.5%, makes cybersecurity players undeniably desirable.”

Going forward, ICON predicts that consolidation will continue at pace as trade and PE acquirers are ready to capitalise on market opportunities.

Report: Cybersecurity Sector Update – Q3 2022

‘Smishing’ and other forms of cyber attack on the rise

in

BY Richard Summerfield

‘Smishing’, a cyber attack strategy which combines SMS and phishing, is an increasingly prevalent form of cyber attack, according to a new report from Infoblox.

In its ‘Cyber Threat Report Q2 2022’ report, Infoblox notes that smishing is a new and sophisticated mechanism to obtain personal and financial information from victims, through false forms on fraudulent sites.

Smishing messages are sent to potential victims by malicious actors in order to get them to reveal private information, including passwords, identities and financial data. Typically, smishing messages include some incentive for the recipient to click a link, which may be for a site that hosts malware or a page that attempts to convince the user to submit data through a form.

To avoid falling victim to a smishing attack, Infloblox notes that parties should: “Always be suspicious of unexpected text messages, especially those that appear to contain financial or delivery correspondences, documents or links. Never click URLs in text messages from unknown sources. In the campaign under discussion, the source was the recipient, who did not send the message, and that is a red flag.”

“Our report shares research on many dangerous malware threats,” said Mohammed Al-Moneer, regional director, META at Infoblox. “Security effectiveness depends on timely, up-to-date threat intelligence.”

The Q2 2022 report includes information on industry alerts, advisories, reports and original research published from 1 April to 30 June 2022, by the Infoblox Threat Intelligence Group (TIG), Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency Central Security Service (NSA-CSS). Infoblox releases a Quarterly Cyber Threat Intelligence Report, which compiles the main threats and security breaches detected during recent months worldwide.

Report: Q2 2022 Cyberthreat Intelligence Report

Cyber security: a race against time

in ,

BY Richard Summerfield

According to a report from Crossword Cybersecurity Plc, 61 percent of chief information security officers (CISOs) are only ‘fairly confident’ of managing their current threat exposure to cyber risks.

The report, ‘Strategy and collaboration: a better way forward for effective cybersecurity’, surveyed of over 200 CISOs and senior UK cyber security professionals. Many respondents identified the ‘perfect storm’ of escalating cyber attacks combined with global tech innovation which is causing cyber security professionals to be less confident of the adequacy of their cyber security provisions. Based on the findings, there is concern that cyber security strategies are not able to keep pace with the rate of tech innovation and changes in the threat landscape.

“The picture painted by our research shows CISOs are in urgent need of a strategic rethink,” said Stuart Jubb, group managing director at Crossword Cybersecurity plc. “CISOs need to balance their cybersecurity operation’s daily load with managing the organisation’s long-term requirements. Boards must make sure CISOs have the budget necessary to get short-term issues under control and then begin planning a long-term business-wide strategy. Such a strategy should be supported by a standard operating model with robust processes and policies for the company’s entire supply chain. Every month of delay leaves businesses open to potentially crippling cyberattacks.”

Crossword also asked CISOs about the technology trends they saw as being the most important and relevant over the next 12 months. Several technology categories stood out, with cloud transition and cyber in the cloud leading the way (41 percent), followed by cyber security mesh architecture (CSMA) (35 percent) and artificial intelligence (AI)/machine learning (31 percent).

Respondents also identified a number of other areas of high priority going forward, including closing the cyber skills gap, which can see IT and cyber security teams become quickly overwhelmed if the right expertise is not in place to manage the load, the challenge of gaining consistent and reliable ‘threat intelligence’, and securing digital identity. Respondents were divided over how to address these and other issues, particularly with respect to companies’ short-term cyber goals and the longer-term strategy of many UK organisations.

Report: Strategy and collaboration: a better way forward for effective cybersecurity

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.