Myra’s monthly security highlights present IT decision-makers and security specialists with the most relevant topics from the world of cybersecurity. Hacker trends, defense strategies, and reports on cyberattacks, hacker campaigns, and more are available here in a clearly laid out format.
In the tech bubble, security experts are only too happy to focus on the threats of tomorrow. Discussions revolve around quantum-based attacks on encrypted files, self-learning malware, or AI-based intrusion detection systems that can expose even the most resourceful hackers in no time. However, what is often forgotten when looking into the crystal ball is that cybersecurity involves more than technical components alone.
Awareness Creates Layer 8 Protection
Many of the currently most popular attack vectors employed by cybercriminals target human vulnerability. Using credential stuffing or credential cracking, scammers can easily take over vast amounts of user accounts, which are then sold on to the highest bidder on the darknet. This business model is only possible because many users today are still using their passwords multiple times and rarely use multilevel authentication methods such as 2FA.
If the details of the account they are looking for are not already circulating somewhere on the Internet, cybercriminals also like to ask the user directly for the information by e-mail or telephone. A plausible pretense is usually enough to elicit the most sensitive information from targeted individuals via spear phishing and social engineering. Technology can only help to a limited extent against such methods of attack; it is much more important to alert users to the threat and, from childhood onwards, to teach them to use the Internet wisely.
The Top IT Security Topics in July
Social Engineering: What the Twitter Hack Shows Us:
Attackers have successfully hacked countless celebrity and corporate accounts on Twitter and used them for bogus spam messages. The blame for this was not due to a vulnerability in Twitter’s systems, but to a successful social engineering attack on one of the service’s employees. You can find out more about the attack here:
Digitization in Health Care in Demand as Never Before:
International studies have shown that patients are increasingly demanding digital treatment methods such as telemedicine, health apps, and AI-supported diagnostics programs. The basis for successful digitization in the health care sector, however, is IT security, data protection, and compliance.
Apart from Critical Infrastructure, Infrastructure Providers Are Often Easy Prey:
Hackers have succeeded in stealing and releasing customer and employee data from an energy supplier in Mainz. Like many other municipal providers, which due to their size do not fall within the definition of critical infrastructure, the company does not have to meet the high standards set out in German IT security legislation.
Ransomware Security Measure Hobbles Lower Saxony’s Tax Offices:
In order to avoid being infected by Emotet and other types of malware, the tax authorities of Lower Saxony have since the beginning of the year stopped processing e-malls with file attachments or links. A secure environment for the quarantined opening of such content is presumably in the test phase.
GDPR Shows Its Teeth:
Last year, about two-thirds more breaches of the General Data Protection Regulation were reported in Europe. In most cases, the violations involved unauthorized access to personal data through cyberattacks, tampering and sabotage, and the loss of non-secured mobile devices and laptops.
Things to know
The Myra Platform at a Glance: Multisite Load Balancer:
Delayed access or even total failure of web applications and online services are unacceptable in a professional environment. Multiple redundant server systems and data centers provide a remedy for such problems. Without smart distribution of access, however, even such concepts are of little help.
The Myra Platform at a Glance: Content Delivery Network:
What counts most on the Internet are speed and stability. If, in contrast, there are delays in loading websites or using web applications, most users leave after a few seconds and look for alternatives. That’s why companies cannot afford to sacrifice performance when doing business online.