With the summer holidays in full swing, we know most of you will be out enjoying the sunshine (and showers), rather than keeping up with the world of I.T. and Tech. As usual, in case you missed what’s been happening, here are some of our top stories for the week.
Equifax feeling the pinch
This week, credit report company Equifax was made to pay around $700 million in fines for a hack that compromised the data of around 140 million of its customers and lead to the resignation of its CEO Rick Smith.
In 2018 Equifax paid its new CISO $3.89 million in the hope of protection from such breaches of security and fines in the future. The company has said that this hefty pay packet pales in comparison to the cost of a further breach.
With companies being subject to cyberattacks on an almost daily basis, it’s becoming harder and harder to find cybersecurity experts to fill high-level information security roles, a report has revealed this week. Back in 2012, Matt Comyns joined one of the USA’s largest firms as Chief Information Security Officer (CISO) for a salary of $650,000, but the company had to pay in excess of $2million to fill the same role recently.
Hackers are becoming more and more sophisticated and businesses are throwing money at the problem as the threat of security breaches – and the fines and lawsuits that often follow – becomes an increasing issue for many large and small businesses. Read more here.
Universities under attack (again)
As we mentioned in our roundup a few weeks ago, higher education establishments are increasingly at risk from cybercriminals due to their increased reliance on the cloud. While the cloud capabilities of many higher education institutions have led to better learning and teaching experiences, it has also exposed campuses to cyber vulnerabilities.
A penetration testing organisation was able to successfully hack over 50 UK universities in a recent study, highlighting just how unsecure and unprepared many higher education establishments are. There has been a number of students being targeted by malicious actors posing as Student Finance and the Student Loans Company over the last few months, including those at Lancashire College in July. Moreover, the institutions themselves are under near-constant attack and while security provisions such as firewalls are in place in universities and colleges, this type of legacy perimeter security technology doesn’t cut it in the post-perimeter digital world we now find ourselves in.
Educational data is no longer static, and where that data lives isn’t defined in one location – the perimeter has disappeared and so security measures need to move to the endpoint. As a result, new security necessities have emerged as essential for securing university networks and these must include endpoint protection and be based on a Zero-Trust model.
North Korea funding weapons of mass destruction through cyber attacks
North Korea is thought to be behind a recent cyberattack on an African financial institution. According to a recent report, the country is the single nation-state thought to be responsible for the theft of somewhere in the region of $2 bn for weapons programmes, through sustained attacks against banks and cryptocurrency exchanges.
North Korea is being accused of “widespread and increasingly sophisticated” cyberattacks to raise funds for “weapons of mass destruction” and enhance its nuclear and missile programmes. The recent attack on an African bank was discovered when a cybersecurity firm found suspicious, recurring patterns in the data of a small amount of encrypted traffic leaving the institutions network.
Attackers were making low-value transactions to banks based in Bulgaria. Parts of the attack were encrypted, and the certificates were signed in… (you guessed it) North Korea.
Following a full security audit, the bank discovered that malware had infected a number of endpoints at its headquarters and a small number of low-value transactions had been made to banks in Bulgaria. It is thought that the transactions were a test ahead of an attempt to steal much larger sums of money.
Those were some of this week’s top stories but if you want more content, follow us across our four social media channels: