Skip Navigation

ITMG Insider Threat News – October 11, 2021

Four Insider Threats Putting Every Company at Risk

Few concerns keep business leaders up at night like the threat of a cybersecurity incident. With the average cost of a data breach exceeding $4 million for the first time. With public sentiment, regulatory requirements and practical functionality firmly against companies that can’t protect their digital landscape, many leaders are reprioritizing cybersecurity in response to this increasingly urgent reality.

According to Gartner’s 2021 CIO Agenda Survey, cybersecurity is the top spending priority for 61% of leaders as they work to address rapidly shifting risks and responsibilities.

Microsoft: Russia Dominates State-Sponsored Attacks

Russia accounted for the majority of state-sponsored attacks over the past year, with the SolarWinds attackers dominating threat activity, according to Microsoft data.

The firm’s Digital Defense Report 2021 covers the period from July 2020 to June 2021 and details state and cybercrime activity.

Kremlin-backed raids accounted for 58% of all nation-state attacks during the period, with Nobelium (aka APT29, Cozy Bear) generating the vast majority (92%) of notifications Microsoft made to customers about attacks.

Data Breach Volumes for 2021 Already Exceed 2020 Total

The number of data breaches publicly reported so far this year has already exceeded the total for 2020, putting 2021 on track for a record year, according to the Identity Theft Resource Center (ITRC).

The non-profit’s figures for Q3 breach volumes came in at 446 incidents. Although this is lower than the 491 breaches reported in the second quarter, the total for the year-to-date is now 1291, versus 1108 in 2020.

Infosec Experts: Twitch Breach “As Bad as it Gets”

Gaming and content streaming giant Twitch has confirmed a breach has taken place at the firm, after reports claimed a hacktivist leaked its entire source code, creator info and internal data.

Leaked data reportedly includes all of the firm’s source code; mobile, desktop and console clients; proprietary SDKs and internal AWS services; and “every other property” it owns, including IGDB, CurseForge and an unreleased Steam competitor, dubbed “Vapor.”

UK Firms Hit by One Attack Every 47 Seconds Over Summer

Cyber-attacks targeting UK firms are back on the increase, reaching a rate of one every 47 seconds over the summer, according to new data from Beaming.

The business ISP had noted a 9% year-on-year drop in the second quarter, but it now appears that was a temporary blip. Attacks increased 4% between July and September over the same period last year.

The firm claimed that this amounts to an average of 168,975 attacks per company in the third quarter or 1837 per day.

Cyber Improvements could Lead to More Insider Targeting, Intel Official says

As federal agencies and U.S. industry bolster their cybersecurity defenses, foreign intelligence agencies are likely to ramp up their targeting of trusted insiders, according to the director of the National Insider Threat Task Force.

Bob Rohrer, who has led the task force since January, said the successful implementation of zero trust architectures and other least-privilege principles could make it harder for foreign spies to pilfer U.S. secrets by exploiting gaps in network defenses. President Joe Biden has directed agencies to adopt zero trust architectures as part of his May cyber executive order.

This entry was posted on Monday, October 11th, 2021 at 9:03 pm. Both comments and pings are currently closed.