News & Resources
CURRENT SOLUTIONS DO NOT WORK
Cyber Attack Map
With worldwide cyber attacks continuing unabated, evidence abounds that current solutions do not solve the problem.
Please see the link below for a world map that spotlights recent attacks and also shows attacks since January 2023.
https://konbriefing.com/en-topics/cyber-attacks.html
IBM Security's Costs of a Data Breach Report 2023
July 2023
- $9.48 million – 2023 average cost of a data breach in the United States, up from $8.64 million in 2020.
- Costs of a breach to critical infrastructure averaged 28.6% higher.
- Average time to identify and contain a data breach:
- 277 days;
- 320 days if learned of breach from attacker;
- 337 days if managed security service provider (MSSP) not used before breach; and
- 254 days with MSSP.
- 82% of breaches involved cloud-stored data.
- 50% of attacks left systems inoperable or involved ransomware.
- Only 1 in 3 organizations found the breach themselves.
- 57% of businesses increased prices after an attack.
- Causes of attacks include:
- 16% phishing;
- 15% due to a business partner or supply chain breach;
-
11% cloud misconfiguration;
- 11% unknown (zero-day) attacks; and
- 5% known unpatched vulnerabilities.
https://www.ibm.com/account/reg/us-en/signup?formid=urx-52258
TAKEAWAYS
- Identification and containment, does not mean the problem has been fixed.
- By using security AI and automation, the financial impact of a breach was lessened by only $1.76 million and identification and containment of the breach averaged 108 days shorter.
- Therefore, with the most current sophisticated AI and software solutions, the average cost of a data breach in the US was still $7.72 million and took an average of 169 days to identify and contain.
- Breaches mean your customers suffer beyond the containment period since prices are raised.
- CURRENT AI AND AUTOMATION SOLUTIONS ARE NOT PREVENTING BREACHES, BUT MERELY SHORTENING THE LIFE CYCLE BY ONLY 39% AND LESSENING COSTS BY ONLY 18.6%.
FBI 2022 Internet Crime Report Overview
- In 2022, the IC3 received 800,944 complaints, which is a 5 percent decrease from 2021. However, the potential total loss has grown from $6.9 billion in 2021 to more than $10.2 billion in 2022.
- While the number of reported ransomware incidents has decreased, not everyone who has experienced a ransomware incident has reported to the IC3. As such, the IC3 assesses ransomware as a serious threat to the public and to our economy.
- In 2022, the IC3 received 21,832 Business E-mail Compromise complaints with adjusted losses over $2.7 billion.
- In 2022, the IC3 received 2,385 complaints identified as ransomware with adjusted losses of more than $34.3 million; it has been challenging for the FBI to ascertain the true number of ransomware victims as many infections go unreported to law enforcement.
- Over the last five years (2018-2022), the IC3 has received an average of 652,000 complaints per year, representing a total of 3.26 million complaints and $27.6 billion in total losses.
https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf
$1.3 Billion in Ransom Paid During 2020-2021
February 11, 2022
Criminals netted $1.3 billion in ransom payments from hacking victims in the past two years, according to a report from Chainanalysis Inc. The average payment totaled more than $118,000 in 2021, an increase from $88,000 in 2020 and $25,000 in 2019.
US to Ban Kaspersky Software - Malware Signature Updating to be Affected. Another reason to switch to Zecurity.
June 20, 2024
The U.S. government has expanded its ban on Kaspersky software, prohibiting its sale and updates in the U.S. due to national security concerns. This move is based on the belief that the Russian government could exploit Kaspersky to collect and weaponize Americans’ personal information. The ban, effective July 20 for new sales and September 29 for existing customers, aims to protect against potential espionage and cyber threats. The government urges users to switch to alternative security solutions promptly.
Signatures are the part of antivirus software that detect malicious threats; antivirus vendors push new signatures to customer machines often on a daily basis to keep customers protected against new malware and threats as the vendors discover them. Without the ability to update the signatures of customers in the U.S. the ability of Kaspersky software to detect threats on those systems will significantly degrade over time.
Chinese Hackers Had Access to US Infrastructure for at Least 5 Years Before Discovery
Febuary 7, 2024
https://www.foxnews.com/us/chinese-hackers-access-us-infrastructure-least-5-years-discovery
Current solutions are not protecting industry networks from infiltration. Zecurity’s Hardwall can stop unauthorized access.
Cyber Reporting Arrives to Public Companies: SEC Requires Annual Disclosure and Disclosure of Material Breaches Within 4 Days
July 26, 2023
https://ktla.com/ap-business/ap-new-sec-rule-requires-public-companies-to-disclose-cybersecurity-breaches-in-4-days/
Infrastructure Ransomware on the Rise; Ports hacked and Service Disrupted
July 6, 2023
https://www.cnn.com/2023/07/06/tech/japan-port-ransomware-attack/index.html#:~:text=The%20Port%20of%20Nagoya%20in,hackers%20attacked%20its%20computer%20system.
Neither the US Government Nor Your Law Firm Has a Clue How to Stop Ransomware
June 28, 2023
https://www.reuters.com/world/us/us-health-department-law-firms-reportedly-latest-hit-wide-ranging-hack-2023-06-28/
SEC Seeks Personal Liability Against CISO for Malware Breach
June 28, 2023
Ransomware Attacks Continue to Expose Massive Data
Chinese Cyber Attacks Routed Through US Local ISPs to Evade Detection
May 24, 2023
Advisory from the United States National Security Agency, the U.S. Cybersecurity and Infrastructure Security Agency and the U.S. Federal Bureau of Investigation among others. Foreign bad actor using local internet service providers to redirect malicious code to be written into networks.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a
Canadian Gas Pipeline SCADA Systems Breached by Russian Hacktivists
Software Solutions Cannot Protect You
March 4, 2022
“Eventually, a determined attacker will find a way in,” said Josh Lospinoso, co-founder and CEO of Rosslyn, Virginia-based Shift5 Inc., a cybersecurity company that specializes in transportation. “They will find a weakness in the armor, and then your job is to identify that intrusion as quickly as possible and remediate it.”