Security roundup: Average ransomware demand is £525, Mac malware targets webcams, CompTIA cybersecurity training

PCR rounds up the biggest security news over the past week
Author:
Publish date:
1-ransomware-cost-average-security-roundup.jpg

PCR rounds up the biggest security news from the past week.

Average ransomware demand is £525, with corporations increasingly targeted

Ransomware infection numbers spiked to 56,000 in March 2016 (around double the normal rate), and the average ransom demanded by attackers jumped to £525, up from £223 at the end of 2015, new Symantec research has found.

All but one of the new ransomware variants discovered so far in 2016 were crypto-ransomware, compared to around 80 per cent last year.

Plus, with 31 percent of global infections, the US is the country most affected by ransomware. Italy, Japan, the Netherlands, Germany, UK, Canada, Belgium, India and Australia round out the top 10.

New Mac malware hooks webcams up to the dark web

OSX/Eleanor-A, a new type of malware, includes three utilities for use by cybercriminals. These are Netcat (a general-purpose tool for sending and receiving data over the network), Wacaw (a free command line tool for taking pictures and videos with your webcam) and a PHP-based image browsing tool (presumably to make it easy to view and retrieve any images sneakily acquired with Wacaw).

There's more details on this Sophos blog.

'Advanced Persistent Threats the next IT security battleground'

Gigamon Inc, network traffic visibility firm, has revealed the results of a new iGov survey that examines the IT security threats and challenges facing the UK public sector.

It found that 85 per cent of organisations have reviewed their security considerations, 55 per cent of organisations have IT budget dedicated to security solutions, and 69 per cent of respondents are concerned about the rise of Advanced Persistent Threats (APTs). However, only 18 per cent currently employ APT solutions.

Digital skill shortage could lead to increased security risks

The UK is facing a digital skills shortage of 'significant proportions', according to recent research from the House of Commons Science and Technology Committee.

If not addressed, organisations that lack the necessary digital skills could run the risk of increased security threats and failed cloud migrations, warns The Bunker. The Commons Science and Technology Committee found that by 2017, the UK will require 745,000 more workers with digital skills. 

European consumers ready to use biometrics for securing payments

According to new research from Visa, consumers across Europe are interested in using biometrics when making a payment – especially when integrated with other security measures.

Nearly three-quarters (73 per cent) see two-factor authentication, where a biometric is used in conjunction with a payment device, as a secure way to confirm an account holder. Two-factor authentication includes something you have, such as a card or a mobile device; something you are, such as a biometric; or something you know such as a PIN or password. 

Pokémon Go problems

Cybercriminals have already noticed the hype around this smartphone game and begun creating social media scams and trojanized versions of the app to take advantage of Pokemon Go players,.

Other users have developed ways to cheat at Pokemon Go, such as spoofing GPS locations, and the official app was also hit with controversy over privacy issues related to the permissions it requests.

For more information, you can read Symantec’s blog here.

CompTIA launches course to stem biggest cause of data breaches

IT trade association CompTIA has launched a brand new training programme to help UK organisations educate their staff in the fundamentals of cybersecurity in the workplace.

The new programme, called CyberSecure, gives an organisation’s employees cybersecurity awareness and knowledge of their everyday actions and give the crucial first step towards protecting against data breaches.

The cost of data breaches continues to soar, with the average UK breach costing upwards of £1.4m according to PwC’s Information Security Breaches Survey 2015.

Brexit allows UK to 'unshackle' itself from EU’s data protection rules

The decision by the United Kingdom to leave the European Union will soon launch one of the largest policy undertakings ever, as British leaders and diplomats race against a two-year deadline to negotiate new arrangements with the European Union.

The UK will now have an opportunity to replace the stringent EU data protection regulations with a more forward-looking set of rules that enable data-driven innovation and in so doing cement the country’s leadership in the digital economy.

Read more in this Center for Data Innovation blog post.

Related