Cyber security experts have long predicted that thousands of vulnerable Internet of Things (IoT) devices, such as internet-connected CCTV systems, would be hacked en masse and directed to perform huge DDoS attacks. That's exactly what happened on 21st October, when 152,000 IoT devices infected with malware were remotely controlled by hackers and used to orchestrate a 1Tb DDoS attack, the largest in history. A tsunami of network traffic was directed at a company called Dyn, a major domain name registrar, and it impacted its clients' web services, including Twitter, Yammer, PayPal, Starbucks, The Guardian, PlayStation, Wix, CNN, Spotify, Github, Weebly and Reddit.
IoT developers may want to read up on my IoT guidance on the IBM developerWorks website - Combating IoT cyber threats: Top security best practices for IoT applications
The UK National Cyber Security Centre HQ went operational. It is part of the UK government's 5 year £1.9 billion cyber defence strategy, a much-needed investment to help safeguard the UK's digital economy from cyber attacks during these uncertain economic times for the country.
Ransomware continues to cause problems, especially within the NHS, but on the flipside the https://www.nomoreransom.org/ website continues to be supported, with the site providing excellent advice to both home users and businesses. I have even added a separate Ransomware Help section on my own website - https://itsecurityexpert.co.uk/en/securityhelp/ransomware-help
A couple of surveys show UK businesses are still struggling to understand what they need to do in order to comply with the strict new General Data Protection Regulation (GDPR), which comes into force in May 2018 despite Brexit. I plan to do a blog post providing businesses with help on the GDPR in the coming weeks.
News
- World's Biggest DDoS attack blows away Dyn, impacting Twitter, Yammer, and others
- UK National Cyber Security Centre HQ Operational
- NHS Attacked by Ransomware 'Dozens' of Times
- 'Hackable' Apple watches banned from UK Government Cabinet meetings
- Hackers steal 43 million credentials from Weebly
- In wake of Massive Data Breach, Verizon reassessing price for Yahoo Acquisition
- Student discovers security flaw in Virgin Media Recruitment System
- MasterCard plans to authenticate transactions using Selfies
- European Ransomware initiative gains 13 new Member Countries
- Over £1 Billion Lost by UK businesses to Online Crime in the Last Year
- UK Banks not Reporting Cyber-Attacks
- Hackers hiding Stolen Credit Card Details in Images
- Forged Rail Tickets sold on 'Dark Web', BBC investigation reveals
- Microsoft bundles Security Updates - no more pick and choose
- Microsoft release 7 Critical Patches for Windows, Edge, IE, Office & Flash Player
- Throw your Backdoored D-Link DWR-932B Router in the bin, urges Security Researcher
Awareness, Education and Intelligence
Reports
- EU GDPR - Nine out of Ten Don't Understand it
- Thales Survey: 84% of Brits reconsider Brands affected by Data Breaches
- PCI SSC: The UK Business CyberSecurity Threat
- Mobile is the New Playground for Thieves: How to Protect against Mobile Malware
- 73% of organisations across the globe have suffered a DDoS attack – Neustar Study
- 82% of Global and IT business Pros are concerned about GDPR compliance
- Network Security Playbook Guide