Preparing for a black swan cyber event | efani Partner

There can be little doubt that cyber breaches are becoming more frequent and cybercriminals are becoming more sophisticated in their techniques. From malware to reconnaissance attacks, and from DoS/DDoS attacks to phishing campaigns, cybercriminals are becoming bolder and more determined by the day.

Unfortunately, they are also finding more success. We need only look at the breaches endured by companies such as Target, Sony, and Yahoo to see that cybercrime is prevalent. Indeed, in some circles, arguably, it has become normalized. Society, in general, is now accustomed to seeing news stories of successful cyber attacks across a variety of countries and sectors.

In light of the snowball effect of cyber criminality, it is imperative that individuals, companies, industries, and governments do not accept cyber breaches as merely part of their day-to-day operations. To defeat cybercriminals, hacktivists, and their ilk, it is vital that organizations double down on cyber security provisions and do all they can to protect themselves against a breach. For too long, companies have adopted an ‘it will never happen to us’ approach to cyber security, yet there is a strong chance that a breach will, or has already happened. Many companies are susceptible and suffer a breach without even realizing that it has occurred. Once a breach is discovered, the consequences can be costly, both financially and in reputational terms. Customer data, intellectual property, capital, and personal information are all at risk once a party has been breached. Accordingly, companies are going to greater lengths to plan for and protect against attacks.

Read the whole article here: Read More

Movistar Suffers Cyber Attack Exposes Customer Data

Movistar suffered last week a cyber attack that exposed the personal information of thousands of your customers. The company has informed Friday users affected by the “irregular access” to your computer systems by SMS, as has advanced and has been able to confirm El Periódico de Catalunya.

That message indicates that security breach has exposed basic personal data such as contact identification data (that is, name, surname, and others) and information about the products and services contracted, but there is no indication that other more sensitive data such as passwords, bank accounts or call log. “There is no evidence that said data has been exploited,” reads that SMS.

Movistar has indicated that this hole “has already been blocked”, but has not given more details about the origin of the attack, its specific scope, or how this internal security breach has occurred. Although basic, compromised data can be extracted by cybercriminals to be able to launch other phishing attacks later, such as phishing, more convincingly. The SMS mentions “irregular access to our systems from suspicious IPs.” As required by data protection law, Movistar has informed customers whose personal information has been affected.

Although it is unknown exactly how these attackers have infiltrated the Movistar system, the coup is one more on the list of large companies affected. This Wednesday it was reported that Estrella Damm had also been the victim of a cyberattack with a virus type ‘ransomware which has hijacked access to internal data, forcing the shutdown of its factories. Tuesday was Media market who saw how their European servers were blocked by a similar attack, affecting their stores in Germany, the Netherlands, and Belgium.

Read the whole article here: Read More