Cyber_Bytes - Issue 21
Welcome to the latest edition of Cyber_Bytes, our bi-weekly roundup of key developments in cyber, tech and evolving risks.
39% of firms have dismissed staff over cyber security since COVID-19
A new survey has shown that whilst two-thirds of companies made substantial changes to their cyber security policy in response to COVID-19, almost 60% of respondents agreed that employees are more likely to try and circumvent company security practices (e.g. using personal devices and not changing passwords, in order to maximise productivity). However, as the article describes, the consequences are capable of being serious for the employee.
To read more, please click here.
Microsoft data suggests changing attitudes towards cyber but impact of attacks remains significant
58% of respondents to a Microsoft business survey said they have increased their security budgets during the pandemic while 82% said they plan on adding security staff. This is set against the backdrop of cyber-criminals applying pandemic-themed lures to known scams and malware since March 2020.Business leaders have also reported phishing threats as the biggest risk to security in that same timeframe, with 90% of indicating that phishing attacks have impacted their organisation.
To read more, please click here and here.
Oracle and Salesforce targeted in €10bn GDPR lawsuit backed by profit-making litigation fund
Privacy Collective, a legally aggressive privacy campaign group, is pursuing Oracle's Bluekai and Salesforce DMP (formerly Krux) ad-tech subsidiaries with the help of Innsworth Advisors. This is a further illustration of the continued rise of class action regimes in the UK and the availability of collective redress.
To read more, please click here.
Carnival Cruises into Danger After Ransomware Attack
British-American cruise operator Carnival (which also operates Princess Cruises, Costa, P&O Australia, P&O Cruises, Holland American Line, AIDA, Cunard and Seabourn brands) has suffered a ransomware attack in which guest and employee data was accessed, it has revealed in an SEC regulatory filing. It is anticipated that claims may arise from this incident and serves as a reminder that the travel industry is an extremely attractive target to cyber criminals, as they can collect and store valuable personally identifiable information on passengers and guests alongside implementing a ransomware attack.
To read more, please click here, here and here.
NHS Digital launches Cyber Security Services framework to manage cyber threats
NHS Digital has announced the launch of a new framework in partnership with the National Cyber Security Centre (NCSC) called the Cyber Security Services framework for helping the NHS and public sector organisations in procuring external support and services to help in the management of cyber security risks. The 25 specially selected suppliers are a mix of SMEs and multi-national providers designed to ensure organisations are able to purchase quality cyber security services from trusted suppliers.
To read more, please click here.
"Drovorub" Is The Latest Cyber Threat To Come Out Of Russia
This new strain of malware can give the attacker near-complete control over the device in question and government agencies aren't the only target. Whilst the malware spreads primarily via spear-phishing and zero-day vulnerabilities, there is at least a partial and easy solution to hand.
To read more, please click here and here.
Stay connected and subscribe to our latest insights and views
Subscribe Here