14 Jan Cybercrime Bytes: Time Bomb Attacks, Security’s Fuzz Buzz, Ransomware for Dummies
Weekly news that keeps you on the cutting edge of cybersecurity
–Steve Morgan, Editor-in-Chief
Sausalito, Calif. – Jan. 14, 2020
This week’s rundown is sponsored by SmartBrief on Cybersecurity, your top resource for daily cybersecurity updates, delivered straight to your inbox.
— Certain types of ransomware are created as a “time-bomb attack,” designed to delay execution for weeks or months rather than stealing, wiping, or extorting data as soon as a computer or server is breached. This variation of ransomware is more difficult to track and recover from. Inside Indiana Business
— FuzzCon: The first fuzzing event, being held in San Francisco on Feb. 25, 2020, includes experts from Fuzzbuzz, Fuzzing IO, Google, Microsoft, Synopsys, VDA Labs and Whitescope. Developers, security experts, CISOs and security leaders will discuss why fuzzing is a critical technique to employ within the software development lifecycle. PR Newswire
— Ransomware remains an ever-growing problem because it is an extremely lucrative criminal enterprise, according to the eBook “Ransomware Defense for Dummies.” The problem is that every single business that pays to recover their files is directly funding the development of its next generation. As a result, it is evolving at an alarming rate with new and more sophisticated variants. Cisco
— Stu Sjouwerman built a culture of fun and a cybersecurity company worth $1 billion. Clearwater, Fla.-based KnowBe4, which focuses on security awareness training for employees, has grown from $75,000 in annual sales for 2011 to $175 million for 2019, earning itself the enviable ‘unicorn’ status. Cybercrime Magazine
— Cybersecurity Ventures has research that estimates around 111 billion lines of new software code are being developed every single year — such vast amounts of code means a vast likelihood of vulnerabilities that can be exploited. Above The Law
— In metro Washington, D.C., where Virginia Tech will build its technology-focused Innovation Campus, the demand for cybersecurity professionals is especially intense — more than double the need of the New York metro area, more than five times the Boston area, and almost seven times that of Silicon Valley. Augusta Free Press
— In the U.S., the National Security Agency (NSA) has spent the last 20 years cultivating an interwoven network of universities and community colleges across the country capable of educating students in rigorous cybersecurity programs that are tailored to the needs of the agency. Diane Janosek, the head of the NSA’s National Cryptologic School, has set a goal for students to “learn cybersecurity education that can be applied to more than just the defense and intelligence sector. It could be applied to the banking industry, the finance industry, the healthcare industry, manufacturing.” Cyber Security Intelligence
— According to recent research, more than half of British businesses found themselves on the end of a cyberattack in 2019. Further, Cybersecurity Ventures predicts that there will be a ransomware attack on a business every 14 seconds by the end of this year. Infosecurity Magazine
— There are thousands and thousands of ethical hackers all over the world who are not being hired into traditional full-time roles just because they may not have the conventional engineering degrees despite having better hands-on skills than many enterprises’ IT security managers. Analytics India Magazine
— Cybersecurity Ventures expects the worldwide expenditure on cybersecurity to surpass $1 trillion cumulatively from 2017 to 2021. Investors in this market might want to look at the ETFMG Prime Cyber Security (ETF HACK) fund, a portfolio of companies providing cybersecurity solutions that include hardware, software and services. It seeks investment results that correspond generally to price and yield, before fund fees and expenses, of the Prime Cyber Defense Index. Yahoo! Finance
— Cybersecurity Ventures forecasts that losses due to wide-ranging cybercrimes will increase to $6 trillion (annually) by 2021. This is $1 trillion more than what India envisions its GDP to become by 2025. Tech Observer
— What can state and local governments do to address the cybersecurity worker shortage? Funding above all else. Without money, we don’t move the ball forward. The state of Georgia invested $100 million into the Georgia Cyber Center, the largest investment of its kind for a state. Cyber NYC is a $100 million public-private investment intended to make New York City a global leader in cyber innovation; a big part of that is to create the next-generation cybersecurity workforce. Cybercrime Magazine
— Cybersecurity Ventures says companies are victimized by ransomware every 14 seconds, at a cost of $11.5 billion worldwide in 2019. While the creation and development of new ransomware strains requires great knowledge and skill, most ransomware attacks are being perpetrated by less sophisticated cybercriminals who purchase the ransomware on the dark web. MarketWatch
— One of the most important barriers to robust global cybersecurity is the shortage of capable individuals in the workforce pipeline. By 2021, predictions from Cybersecurity Ventures suggest that the world will have more than 3.5 million unfilled cybersecurity jobs, with both the private and public sectors facing hiring shortages. Atlantic Council
— Cybersecurity Ventures is a media sponsor for the second year in a row at RSA Conference USA 2020 in San Francisco from Feb. 24-28. Save $900 with this limited time Special Registration. RSA Conference
More next week.
– Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.