
Security is top most requested service customers want from MSPs: Acronis-Omdia report

Acronis, a global leader in cyber protection, announced the results of a new survey conducted by Omdia (formerly Ovum), which shows that the most requested service that customers want from managed service providers (MSPs) is security.

For the research report titled “Understanding the Security and Data Backup Market for Managed Service Providers (MSPs),” an Acronis-supported survey was conducted involving 263 MSPs that serve small and mid-sized businesses (SMBs).

Analyzing the results, MSPs showed an overwhelming demand for reliable security offerings: 97% of respondents indicated the importance of ensuring minimal data loss or corruption in the event of an attack, and 88% of the MSPs indicated the need for an ability to reduce the damage that cyberattacks can cause.


Chart 1: Top 3 Planned Areas of Security Improvements in the Next 12 Months


In addition, 89% of respondents expressed the need to offer a service that goes beyond anti-virus, anti-ransomware, and firewalls.

Acronis Chief Cyber Officer Gaidar Magdanurov comments that the findings are in line with the feedback the company has received in the last few years.

“Service providers are looking to earn higher profit, avoid customer churn, and improve the ease of use of their technology stacks for their teams,” said Gaidar Magdanurov.

“In the survey, 84% of respondents confirmed that it is difficult to work with multiple vendors and suppliers for each aspect of the security stack. Instead of using multiple tools for backup, anti-virus, anti-malware, vulnerability assessments, URL filtering, patch management, etc., a single, integrated cyber protection solution would greatly improve their ability to efficiently provide better services to their clients. This is why we see rapid adoption of Acronis Cyber Protect by service providers from all over the world,” Gaidar added.


Acronis Cyber Protect, one of Acronis’ latest offerings, provides a unique integration of backup with full-stack next-generation security and management tools. A single integrated solution simplifies day-to-day operations for service providers, increases the productivity of their technicians, and delivers much higher security and reliability for end customers, avoiding downtime and data loss that could lead to customer churn.

Chart 2: Top Business and Organizational Challenges Facing MSPs


‘Keeping costs down’ is a key concern for MSPs, according to the Omdia survey: 92% of respondents say acquiring the skills and expertise to deliver security services is a major business challenge because many available services are expensive and scarce.

“COVID-19 continues to have a relentless grip on the world, resulting in the most challenging business environment we’ve seen since last decade’s Great Financial Crisis and the Great Depression of the 1930s,” comments Roy Illsley, Distinguished Analyst at Omdia, and one of the lead authors of the report. “In these environments where organizations are facing a new threat that they are ill-prepared for, cybercriminals can only thrive. To combat this, MSPs and their clients must have the ability to implement the most appropriate solutions to deal with these increasingly sophisticated attacks.”

Chart 3: Top Technical Challenge MSPs Face


“The challenge for MSPs is to understand the risk of continuing to use legacy solutions from multiple vendors to provide protection for their customers. The need for agile yet integrated solutions designed specifically for the MSP market is very high in these most challenging times.”

Acronis Cyber Protect, like all of Acronis’ solutions, is developed based on the Five Vectors of Cyber Protection — safety, accessibility, privacy, authenticity, and security (SAPAS). Cyber protection, which IDC calls the new IT discipline, addresses the need to combine data protection and cybersecurity, which have historically been treated as separate practices, to mitigate risk and meet the emerging challenges created by modern data use.

The Omdia survey also lists the top three areas MSPs feel are important with regards to backup and recovery: being able to automate the backup process; providing protection against ransomware; and backing up the most popular SaaS applications, such as Microsoft 365.

More about Acronis Cyber Protect

Acronis Cyber Protect changes the game by giving MSPs a single solution to deliver backup, anti-malware, security, and endpoint management capabilities such as vulnerability assessments, URL filtering, and patch management.

These integrated capabilities create new opportunities for MSPs to deliver enhanced cybersecurity. With Acronis Cyber Protect, MSPs can proactively avoid cyberattacks, minimize downtime, ensure fast and easy recoveries, and automate the configuration of client protection to counter the latest cyberthreats.

The result is improved margins, better profitability, easier SLA compliance, greater performance, and decreased churn – all at a lower cost.


Cybercriminals trying to exploit the trust of users to hack them: Report

Nearly 1 in 4 malicious URLs (24%) are hosted on trusted domains, according to the 2019 Webroot Threat Report. This shows that attackers are exploiting the trust users place in familiar domains.

Webroot, a leading IT security firm, discovered more than 1.5 million unique phishing URLs in 2019 so far. The company has also protected over 3.35 million endpoint devices against these phishing URLs.

The 2019 Webroot Threat Report examines the emerging threats and cybersecurity trends, and provides perspectives and predictions for the future.

Key findings of the report: Emerging threats and cybersecurity trends

Here are the highlights of the report including the latest cybersecurity trends, emerging cyberthreats, and more.

1. Cybercriminals taking the trust for granted

As mentioned above, cybercriminals are exploiting a human vulnerability: trust.

Twenty-four percent of the malicious URLs were found on trusted domains. The attackers are hacking legitimate websites to host malicious content. The visitors trust these sites and take actions without sensing any suspicious activity.

Around 29% of phishing websites use HTTPS to trick end users who look for sites that use an SSL certificate as a sign of security.

“If you unwittingly end up on a well-faked phishing copy of your banking website and see the lock icon, it’s natural to assume that you’re in the right place and all is well. Except when you try to log in, what you’re really doing is securely transmitting your login credentials to an attacker. In this case, HTTPS would’ve been used to trick you.”

Hal Lonas, CTO, Webroot


2. Cybercriminals looking for quality over quantity

Attackers now increasingly assess the value of the systems they attack. They still carry out numerous malware campaigns, but their aim is to target valuable systems.

For example, if they find a system with high speed and processing power, they will try to use it for cryptocurrency mining.

“Although a high number of infections is still valuable, threat actors are effectively going for quality over quantity when they choose to profile their victim’s worth.”

Jason Davison, Advanced Threat Research Analyst


3. 95% of malware unique to a single system

Malware encounter rates haven’t risen much compared to last year, but things have changed a lot. Ninety-five percent of malware is now unique to a single system, up from 92% in 2018. This shows that most malware is very difficult for signature-based technologies to detect.

4. Rise in malware against Windows 7

Earlier this year, Microsoft announced that it is dropping support for Windows 7 from January 2020. Despite that, users are barely migrating to Windows 10.


The new finding by Webroot is an alarming one for all users of Windows 7, as it reveals that Windows 7 computers are twice as likely to become infected compared to Windows 10. Malware against Windows 7 has increased by 71% in 2019. Attackers target Windows 7 in the hope of exploiting unpatched vulnerabilities.

“Even though older operating systems are being used less and less, breaching even a single out-of-date machine can take down a company’s whole network. That’s how infections like WannaCry and NotPetya spread so quickly in 2017— they took advantage of vulnerabilities in older, unpatched operating systems.”

Briana Butler, Sr. Engineering Data

5. Major growth in phishing sites

Webroot reported very high growth in phishing sites. In early April, the security firm protected its customers from accessing around 60K phishing sites in a single day.

In the first half of this year, over 1.5 million unique phishing websites were detected, along with 3.4 million others detected via proactive crawling and analysis on the internet.

For more insights (cybersecurity trends and emerging threats) from the survey, download the full 2019 Webroot Threat Report.


Sectigo Certificate Manager integrates with Docker, Kubernetes, Ansible, Terraform, HashiCorp Vault

Sectigo (formerly Comodo CA) is powering its Certificate Management platform with five new integrations: Docker, Kubernetes, Ansible, Terraform, and HashiCorp Vault. The aim is to provide IT teams with a comprehensive PKI (Public Key Infrastructure) solution for DevOps.

Called Sectigo Certificate Manager, the certificate management platform is a cloud-based solution that allows enterprises to manage public, private, and IoT device certificates from a single platform. It comes with the tools, support, and capabilities needed to minimize risk, respond to threats faster, and optimize operational costs.

Docker, Kubernetes, Ansible, Terraform, and HashiCorp Vault are the leading DevOps configuration management and container orchestration platforms. These integrations give IT and security teams the ability to ensure that their DevOps environments are in line with accepted security practices and meet compliance and auditability needs.

“All sizeable enterprises either use or are implementing DevOps today,” said Lindsay Kent, VP of Product Management, Sectigo. “As they do so, these enterprises are also finding that they suddenly need to become PKI experts and must roll out their own PKI to ensure identity for containers and related services.”

In DevOps environments, there is a broad range of certificates and specific use cases. These environments are generally complex as many technologies are being used simultaneously. Sectigo’s newly released integrations will cover most of the operational footprint of enterprises.


“These integrations between Sectigo Certificate Manager and the most popular DevOps orchestration tools give operations teams full visibility and control over the certificate properties they choose. An expert partner, like Sectigo, can ensure enterprises follow accepted security practices and can keep implementations current with changes in cryptography needed to stay safe in a changing computing environment,” added Kent.

Moreover, if enterprises want to use their DevOps tool or another PKI solution, they can continue to do so while using Sectigo Certificate Manager for monitoring and reporting on the certificate deployments.


Millions of Exim email servers vulnerable to cyber attacks

A critical vulnerability has been found in millions of Exim servers which, once exploited, can enable an attacker to run arbitrary code with root privileges.

All versions of Exim up to and including 4.92.1 that accept TLS connections are vulnerable, according to the Exim team.

“The vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake. The exploit exists as a POC,” wrote Exim in a recent advisory.

On September 4, the Exim team published a warning on the OSS Security mailing list about the security bug affecting Exim. On Friday, the team released version 4.92.2 to address the critical issue.

This vulnerability in the Exim server (CVE-2019-15846) was discovered in July by a security researcher called “Zerons”. It allows an unauthenticated attacker to abuse the TLS Server Name Indication (SNI) field to send malicious code to servers that accept TLS connections.

The Exim software is a mail transfer agent (MTA) that works as a general and flexible mailer with extensive facilities for checking incoming e-mail. This software is widely popular, available for Linux and Windows, and is used by millions of internet-facing hosts. It is estimated to have served 57% of publicly reachable email servers on the internet.

Exim has full control of emails in cPanel. The issue is therefore serious: remote access by an unknown attacker could lead to complete control of a vulnerable Exim server.

The Exim advisory strongly encourages users to update to the latest version, Exim 4.92.2, immediately. Users who are unable to install the new version can ask their package maintainer for an updated version containing the backported fix.
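An added example, not taken from the Exim advisory or from this article: a Python check that reads the Exim version from `exim -bV` output or an SMTP greeting and flags releases older than 4.92.2, noting whether STARTTLS is offered. The host names, banners and EHLO replies are constructed samples; because a distribution package with the backported fix can still report an older version number, an "affected-version" result means "confirm with the package maintainer".

```python
import re

# First fixed release per the article; 4.92.1 and everything older is in the affected range.
FIXED = (4, 92, 2)

# Matches both `exim -bV` output ("Exim version 4.92.1 #2 built ...") and the
# default SMTP greeting ("220 host ESMTP Exim 4.92 Tue, ...").
_VERSION_RE = re.compile(r"\bExim\s+(?:version\s+)?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_exim_version(text):
    """Return (major, minor, patch) found in text, or None if no Exim version is present."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def advertises_starttls(ehlo_reply):
    """True if an EHLO reply (list of '250-KEYWORD' / '250 KEYWORD' lines) offers STARTTLS."""
    for line in ehlo_reply:
        m = re.match(r"250[- ](\S+)", line.strip())
        if m and m.group(1).upper() == "STARTTLS":
            return True
    return False


def assess(version_text, ehlo_reply=None):
    """Classify one server from its version text and, optionally, its EHLO reply.

    Returns "unknown", "fixed", "affected-version" or "affected-version-no-starttls".
    The last value only says STARTTLS was not offered on the probed port; an
    implicit-TLS listener on another port is not covered by this check.
    """
    version = parse_exim_version(version_text)
    if version is None:
        return "unknown"
    if version >= FIXED:
        return "fixed"
    if ehlo_reply is not None and not advertises_starttls(ehlo_reply):
        return "affected-version-no-starttls"
    return "affected-version"


# Constructed sample inventory: host -> (banner or `exim -bV` first line, EHLO reply or None).
SAMPLE_HOSTS = {
    "mx1.example.org": (
        "220 mx1.example.org ESMTP Exim 4.92.1 Tue, 10 Sep 2019 09:00:00 +0000",
        ["250-mx1.example.org Hello scanner", "250-SIZE 52428800", "250-STARTTLS", "250 HELP"],
    ),
    "mx2.example.org": ("Exim version 4.92.2 #1 built 06-Sep-2019 12:00:00", None),
    "mx3.example.org": (
        "220 mx3.example.org ESMTP Exim 4.87 Tue, 10 Sep 2019 09:00:05 +0000",
        ["250-mx3.example.org Hello scanner", "250-SIZE 52428800", "250 HELP"],
    ),
    "mx4.example.org": ("220 mx4.example.org ESMTP Postfix", None),
}


def audit(hosts):
    """Map every host in the inventory to its assessment."""
    return {name: assess(banner, ehlo) for name, (banner, ehlo) in hosts.items()}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_HOSTS).items():
        print(f"{host}: {status}")
```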


97% of enterprises perform data backup at least once a year: Acronis’ World Backup Day survey

93% of consumers and 97% of enterprises perform data backup at least once a year, according to the World Backup Day survey by Acronis.

World Backup Day falls on March 31, and aims to highlight the importance of data protection using backups. The reason it falls on March 31 is to remind everyone that if they don’t want to lose data and look like a fool on April 1, then they must securely back up their data.

Acronis is a leading provider of backup software and data protection solutions. It has conducted backup surveys for the last 4 years to learn about consumers’ backup habits, cyberthreat awareness, and data loss experiences. This year, the company surveyed individuals and businesses in 11 countries.

Key findings of the Acronis’ World Backup Day survey:

1. 93% of consumers and 97% of enterprises create data backup at least once a year. Of those, 73% of consumers do it monthly or weekly, while 86% of enterprises do it monthly, weekly, or daily.

2. In 2019, only 7.3% of respondents never back up their data, down from 31.4% in 2018.

3. However, only 10.3% of respondents back up their data to a hybrid of local and cloud storage. 90% of consumers and 73% of enterprises don’t back up their data to a hybrid of local and cloud storage.


4. 45% of consumers reported that they have more than four devices at home.

5. Despite backing up, 65% of consumers reported that they or a family member had suffered data loss from a computer or mobile device. On the other hand, 29% of enterprises reported a data loss that caused downtime.

6. 60% of enterprises are concerned or highly concerned about crypto-jacking.

7. 61% of enterprises said that they are concerned or highly concerned about ransomware.

8. Likewise, 61% of enterprises are concerned or highly concerned about social engineering attacks.

9. 70% of consumers said that they would be willing to pay $50 to $500 to recover lost data.


10. 46% of consumers have no idea about ransomware, while 53% don’t know about crypto-jacking. Another 53% of consumers have no idea about social engineering attacks.


How to back up complex data and protect it?

Creating data backups is a tough task for IT managers because they need to protect physical, virtual and cloud environments, which is a complex process.

Acronis suggests that IT managers should follow the 3-2-1 rule of data protection.

  • Follow 3-2-1 rule for data protection

According to Acronis, businesses should create three copies of every piece of important data. With this, they wouldn’t have to worry about data loss because a single event won’t delete all the data.

This data should be stored in two different formats, such as an internal drive and external media.

Keep one copy of data offsite. This step will ensure that data remains safe against physical disasters.

  • Keep operating system and apps updated

Older versions of operating systems and apps might not have the latest bug fixes and security patches. This can allow cybercriminals to gain access to devices.

  • Be careful when opening emails, links or attachments

The main cause of virus and ransomware attacks is social engineering, which infects users by tricking them into opening suspicious email attachments and clicking malicious links.

  • Use anti-virus software

Every desktop device should install anti-virus software and enable automatic updates to prevent common attacks. Windows users should keep Windows Defender always on and updated.


Acronis integrates its anti-malware solution PE Analyzer into Google’s VirusTotal

Acronis, a provider of backup software and data protection solutions, is teaming up with VirusTotal, a Google subsidiary that provides a service for detecting viruses, worms, trojans, and other malicious content in files and URLs.

As part of the partnership, Acronis will integrate its machine learning-based malware detection engine, Acronis PE Analyzer, into the VirusTotal platform.

Malware execution is increasing rapidly year over year and poses a threat to Windows operating systems. According to the cybersecurity firm Comodo, over 400 million unique malware samples were detected in the top-level domains (TLDs) in the second quarter of 2018 alone. AV-TEST registered nearly 400,000 new malware samples a day, which included trojans, backdoors, ransomware, and cryptojackers.

Acronis PE Analyzer aims to address these threats. It is an anti-malware solution that uses machine learning models to detect Windows PE malware.

The company mentioned that its machine learning model is based on a Gradient Boosting Decision Tree that is integrated with a number of neural network models. This creates a file portrait of the threats on the basis of several static characteristics.

This machine learning model can operate independently without an internet connection, while providing a high detection rate.

“Given how quickly data threats are evolving, the nature of data protection is fundamentally changing. Solutions must prevent the malicious attacks that target backups to be effective, which is why Acronis has invested in developing our proactive defensive technologies,” said Oleg Melnikov, Acronis Technology Officer.

“Our mission is to protect all data, however, and incorporating our ML-based engine into VirusTotal is the best way to ensure the entire security industry can benefit from Acronis PE Analyzer’s detection capabilities.”


Acronis has built the PE Analyzer as part of its new cyber protection suite, which will be released in 2019. Before launching Acronis PE Analyzer, the company will make several improvements to the solution. These improvements will be made on the basis of insights gained from its use in VirusTotal.

Last month, Acronis launched version 7.8 of its Data Cloud Platform with around 80 new features and advancements.


Comodo Zero-day Challenge seeks to unmask anti-virus vendors that fool customers

The cybersecurity provider Comodo has rolled out a new challenge for the anti-virus (AV) industry that highlights the lack of quality in current AV practices. Called the Comodo Zero-day Challenge, the initiative aims to unmask the AV vendors that mislead customers.

Zero-day refers to the point at which an attack or weakness is discovered but no fix is available yet. Attackers can find a weakness in code and develop malicious code to exploit the vulnerability and unleash a cyberattack. Once the software provider fixes the vulnerability, it’s no longer called a zero-day exploit.

Comodo said that AV vendors fool the customers and investors into believing that they provide real protection against thousands of new malware attacks. However, what they do is detect the out-of-date malware attacks in the systems rather than finding the undiscovered ones.

The AV vendors hide behind the terms of Google’s VirusTotal program, while customers keep suffering from data breaches. VirusTotal uses antivirus scanners and URL blacklisting services from more than 70 providers to inspect files and URLs. It is a free tool that allows anyone to upload a file from a computer and scan it.

The terms of VirusTotal clearly state that the participants agree not to “use the Service in any way which could infringe the rights or interests of VirusTotal, the Community or any third party, including for example, to prove or disprove a concept or discredit, or bait any actor in the anti-malware space.”

However, the vendors abuse the rights and leverage well-intentioned services to support false practices. Most of these vendors depend upon detection capabilities of others, without acknowledging that dependence. They lack the right capabilities in virus detection, hide the deficiency, and overstate the effectiveness of detection.

Customers get fooled by such services and continuously face data breaches. The services provided by these vendors only detect and remediate viruses that have already been encountered. But thousands of new threats appear every day and slip into systems undetected.

“VirusTotal is the victim, not the villain, and end-users are exposed to massive amounts of malware as a result,” noted Comodo President and CEO Steve Subar.

“Actual protection involves much more than mere detection. Protection is preemptive and comprehensive, stopping all unknown files before they can damage system resources and user assets. Protection renders both known and unknown malware harmless.”


Comodo Cybersecurity is inviting researchers and IT end-users to test Comodo by submitting new malware of their choice to the Valkyrie Verdict engine. Comodo will publicize the submissions in both cases, whether Valkyrie detects the malware or not.


How to effectively prepare a business to mitigate consequences of an aggressive cyber-attack?

After a series of malicious cybersecurity incidents surfaced in 2017, affecting large companies and private organizations all over the world, cybersecurity alerts have become the norm. However, the worst is yet to come. Last week, the United States and Britain issued a joint warning regarding a new wave of cyberattacks, most likely aimed at governments and private organizations, but also at individual homes and offices.

Unfortunately, security incidents happen in all organizations. The only way to improve your company’s resilience, maintain your customers’ and stakeholders’ confidence, and continue to operate your business as normal is to invest in incident management processes, such as DRaaS. Such solutions help your business mitigate the harmful impacts of cyber-attacks.

Read on to learn how you can prepare for the business disruption an aggressive cyber-attack can cause.

Carrying out cyber security incident threat analysis – For thousands of people living in the UK, the word “ransomware” became comprehensible when they were turned away from NHS hospitals last year due to the malicious WannaCry attack. This is not unusual: only recently have businesses and private users around the world seen what cybercrime means in practice, and what disastrous consequences it can have for business continuity. One of the main stages in protecting your business from cybersecurity incidents is about knowledge: it involves a deep understanding of what you might be dealing with and what level of threat your organization faces.

Providers of Disaster Recovery as a Service help firms to contextualize cybersecurity threats by looking at key business processes and system interdependencies that might be targeted by hackers. It is important to channel all your worries to the investigators at this stage, to help them better tailor their services to your business operations.

Consider shifting the responsibility with service level agreements – Building your own Disaster Recovery Team might be problematic, especially when you are running a small business. However, research shows that formal cybersecurity incident teams are invaluable for dealing with disruptive events, as very often they are the only people who have the technical expertise needed to advise on business decisions quickly. It often makes sense for small and medium organizations to fully or partially shift their responsibilities for creating and managing disaster recovery programs to Disaster Recovery Providers.

Transferring ownership can be done by signing a service level agreement, which gives you the guarantee that the aspects of the service you both agreed to will be delivered. This essentially means that in the event of a cybersecurity incident, an external Recovery Execution Team, not you, will be responsible for one or all of the following: identifying, investigating, taking appropriate action, or overseeing all the recovery processes.

Applying changes – When looking at vulnerabilities in your system, it’s highly likely that security investigators will recommend applying changes to the IT services within your company. Configuring your systems and networks, transferring mission-critical data to safe data centers, and implementing adequate monitoring processes are crucial for eliminating single points of failure, which are often enough to compromise your infrastructure.

Securing and retaining your data is critical – These days companies run on data, so it is essential to take a proactive approach: recover not only your applications and servers, but also ensure that they are working and that the data they store is recovered. Disaster Recovery providers can help you to identify data that needs to be protected, as well as where it is stored and how it can be recovered, without the need to rely on outdated data deduplication.

Depending on your business objectives, you might choose either replication services that create a fully working, ready-to-use copy of your environment (this is especially important for companies with a strict RTO) or traditional back-up and vaulting methods, which are recommended for platforms that can afford being down for between 4 and 12 hours.

Continuous Review of your state of readiness – Once you have realistic scenarios based on the conducted threat analysis, you might want to see if the changes you have applied to protect your infrastructure and data work properly. A good testing method usually involves initiating a fictional, yet very probable attack internally, and verifying how well you (or your security provider) can respond to it. This stage might also involve undergoing recovery exercises that could prepare you even better for an actual disaster.


Guest Author: Matthew Walker-Jones

Specializing in content covering topics including data driven marketing, online data protection, data recovery and cyber security. With a passion for all things data, Matthew is constantly staying up to date with the latest news on data security information.


Human error and misconfigured cloud servers responsible for most data breaches in 2017: IBM Security Report

Over 2.9 billion data records were leaked online globally in 2017, a drop of 25% from 4 billion records breached in 2016, according to a report from IBM Security.

The report, IBM X-Force Threat Intelligence Index 2018, however, revealed that cybercriminals shifted their focus to ransomware and other destructive attacks, where they demanded ransom from the victims by locking or destroying data.

“Last year, there was a clear focus by criminals to lock or delete data, not just steal it, through ransomware attacks. These attacks are not quantified by records breached, but have proven to be just as, if not more, costly to organizations than a traditional data breach,” said Wendi Whitmore, Global Lead, IBM X-Force Incident Response and Intelligence Services (IRIS). “The ability to anticipate these attacks and be prepared will be critical as cybercriminals will continue to evolve their tactics to what proves most lucrative.”

  • Over $8 billion paid as ransom in 2017

Ransomware attacks like WannaCry, NotPetya, and Bad Rabbit grabbed the headlines in 2017, bringing an enormous number of organizations to a halt. These cyberattacks infected and locked systems and infrastructure in many industries, including healthcare, transportation, and logistics.

The attackers locked critical data through ransomware attacks and demanded a huge sum of money from organizations, rather than leaking the data online. As per the report, more than $8 billion was paid as ransom to cybercriminals in 2017.

The longer companies took to respond to an attack, the more it cost. According to another IBM Security study last year, a slow response can impact the cost of an attack: incidents that took longer than 30 days to contain cost $1 million more than those contained within 30 days.

  • Human error and misconfigured cloud servers responsible for data breaches

Human error and mistakes in infrastructure configuration, such as misconfigured cloud infrastructure, were responsible for around 70% of the compromised records.

According to the report, cybercriminals were aware of the misconfigured cloud servers that existed because of mistakes by employees. Hence, the number of records breached through misconfigured cloud servers rose to 424% in 2017.

  • Millions of phishing attacks 

A lot of organizations were attacked through phishing attacks. The attackers launched spam campaigns and sent links and attachments that contained malicious code. When the links were clicked or the attachments were opened, the malicious code attacked the system.

In some instances, the cybercriminals relied on Necurs botnet, and distributed millions of spam messages within a few days. For example, IBM X-Force observed four separate Necurs campaigns that spanned more than 22 million emails, within two days in August 2017.

  • Drop in cyberattacks against Financial Services industry, but rise in banking Trojan

Information & Communication Technology and Manufacturing industries were the most attacked industries in 2017, accounting for 33% and 27% of the attacks, respectively.

Financial Services, the industry most targeted by cybercriminals for the last few years, was the third-most attacked industry (17%) in 2017. However, it still faced the highest volume of security incidents (27%) for the second consecutive year.

The drop in the number of attacks on Financial Services organizations was because of the industry's heavy investment in cybersecurity technologies. However, cybercriminals started targeting customers and end-users across the industry, using banking Trojans.

A banking Trojan is a malicious program used to gain confidential information about customers and clients who use online banking and payment systems. In 2017, the Gozi banking Trojan and its variants were the most used malware against the finance industry.


49% top WordPress sites not using latest version, vulnerable to attack: Hashed Out by The SSL Store  

The WordPress community releases new versions of WordPress on a regular basis to add new features, fix bugs, improve security, make the software better, and modernize the experience for bloggers, developers, and creative agencies.

However, a new report from Hashed Out by The SSL Store revealed that 49% of WordPress sites in the Quantcast Top 10,000 were not using the latest, more secure version of WordPress.

Hashed Out researched the WordPress sites after the launch of WordPress version 4.9.5 earlier this month, to find how many sites had updated to the latest version of WordPress, and how many sites were multiple updates behind.

WordPress 4.9.5 is a security and maintenance release for all versions since WordPress 3.7. According to WordPress, versions 4.9.4 and earlier are affected by three security issues. But users are not paying heed to the updates. The report stated that 33% of the WordPress sites were using version 4.9.3 and earlier.

WordPress is the most used platform to build websites, and the most common platform attacked by hackers. If a WordPress site is attacked, it can be very difficult to fix it because attackers may leave behind new hidden entry points to find their way in again. Hence, not updating to the latest version is a big concern for WordPress users.

“The biggest problem in WordPress security (or any other kind of site) is getting people to realize that having a WP website is like having a puppy,” says Dawes. “If you don’t take care of it – feeding, grooming, vaccinations and the like – you’re going to have problems.” — Ken Dawes, Senior web developer and WordPress expert.

Why don’t users update to the new WordPress versions?

According to Paul Bischoff, a security expert and privacy advocate for, users don’t update to new versions because they think that it might impact the site stability. For example, some of the WordPress plugins might stop working.

They’re also worried that if they made changes to a theme without putting the same changes into a child theme, those changes will not be applied if they update to a new version.

Online businesses, on the other hand, don’t update because they think it might cause downtime, which is more expensive for them than the risk of attack.

The longer you wait, the more vulnerable you are

It’s not easy for hackers to find vulnerabilities in software. They get to know about a vulnerability when the software publisher releases a patch for it. Not all users update to the new version, and that’s where hackers find the opportunity: they know that the vulnerability still exists on the installations that were not updated. Hence, users who don’t update are at great risk.

As per the study, of all the websites in the Quantcast Top 10,000, 17% run on WordPress. Out of those WordPress sites, 49% were not running the latest version, and 33% were at least two updates behind, which means around half of the WordPress sites were at risk of attack.

There is a common misconception among small and medium-sized businesses that they’re not vulnerable to hacking because they’re too small for any attack. However, several reports clearly show that SMBs are constantly attacked, more than large businesses.

74% of SMBs were attacked in 2017, according to the Symantec 2017 Threat Report, while another report from the National Cyber Security Alliance revealed that 60% of SMBs go out of business within six months of an attack.

How can you keep your WordPress site safe?

Whenever WordPress releases updates to its plugins or content management system, users get a notification in the dashboard that an update is available. So, when any update is available, the user should not waste time thinking twice about whether to update or not.

Users worried about themes should use child themes, which help them update all the themes in the installation with no negative impact on the site.

WordPress users should stop using plugins that might not be compatible with new versions, and delete plugins that are unused or outdated. They should also use strong passwords and update them on a regular basis.
