News and resources to keep you on the cutting edge of cybersecurity

– Steve Morgan, Editor-in-Chief

Northport, N.Y. – Dec. 19, 2018

Q4 2018

The cybersecurity stories we’re following this quarter, and you should too:

• The top 5 cybersecurity facts, figures, predictions and statistics for 2019 to 2021 have been released by Cybersecurity Ventures. The data covers cybercrime costs, cybersecurity spending, employment figures, attack surface growth, and ransomware.
• The cybersecurity market is expected to grow 15-20 percent a year over the next 3 years, and Cybersecurity Ventures has seen its business grow by 54 percent over the past year.
• Many workplaces are hoping to inspire a ‘cybersecurity culture’ among employees, believing that protection from cyberattacks can only be achieved with a top-to-bottom, coordinated effort.
• The 2019 Official Annual Cybercrime Report, published by Cybersecurity Ventures, predicts that cybercrime will be more profitable than the global trade of all major illegal drugs combined by 2021.
• Women are key to solving the cybersecurity workforce shortage, which is expected to reach 3.5 million unfilled jobs by 2021. The latest prediction is that women represent roughly 20 percent of the global cybersecurity workforce.
• New data shows that freelance hackers can now command up to $500,000 per year testing security flaws at companies that hire them — and many of them are looking to become full-time bug bounty hunters.
• Cyberattacks continue to increase in scope and frequency, and we simply don’t have the manpower to address them. Organizations should look for cybersecurity professionals with the right traits rather than the right skills.
• Universities are helping retool the labor force, including cybersecurity, in the age of artificial intelligence (AI) – by offering new degrees, partnering with companies to shape curricula, and investing in multi-discipline teaching.
• The Big Apple is looking to bulk up on cyber. A new partnership between local universities and global technology firms plans to turn New York City into the next ‘Capital of Cybersecurity.’
• Costing $100 million and boasting 332,000 square feet in two adjacent buildings, the Georgia Cyber Center (GCC) is the single largest investment in a cybersecurity facility in the nation to date.
• Ransomware attacks on hospitals are predicted to increase 5X by 2021, writes Robert Herjavec, founder of Herjavec Group, Shark on ABC’s Shark Tank, and bestselling author – sharing the latest ransomware research from Cybersecurity Ventures. Social engineering scams must also be on hospitals’ radars.
• Two researchers make a case in The Wall Street Journal for protecting small firms against costly cyber lawsuits. They face the same fines and legal exposure as big businesses when their cybersecurity fails.
• Cybersecurity’s greatest weakness is also its best line of defense, according to an article World Economic Forum (WEF) published in collaboration with the Atlantic Council – which says that humans can act as warning signs of cyber espionage and attacks.
• Singapore announced the launch of the world’s first commercial cyber risk pool, a facility for providing cyber insurance to corporate buyers, as cyberattacks become more pervasive.
• The New York Times takes a look at how to get students to think like criminals – for a good purpose. The skills needed for cybersecurity jobs aren’t easy to learn in the classroom.

WATCH THIS

Cybercrime Magazine interviews Jason Witty, EVP & Chief Information Security Officer at U.S. Bancorp.

THREAT INTEL

Cyber alerts from AlienVault Open Threat Exchange (OTX) — The world’s first truly open threat intelligence community:

• Inception Attackers Target Europe with Year-old Office Vulnerability
• Spam campaign that attempts to target Mac users that use Exodus, a multi-cryptocurrency wallet.
• Rising from the deep, Kraken Cryptor ransomware has had a notable development path in recent months.
• Android/TimpDoor phishing campaign using text messages tricks users into downloading and installing a fake voice-message app.
• Email trojan claims user has missed an invoice, includes Microsoft Word macro malware.
• Chalubo botnet wants to DDoS from your server or IoT device.
• Banking Trojans continue to surface on Google Play.
• sLoad and Ramnit pairing in sustained campaigns against UK and Italy.
• Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine.
• Cobalt Strike targeting Ukrainian Telecoms

Join OTX for free to share your threat research and subscribe to other contributors.

– Curated by the Editors at Cybercrime Magazine

We’ll be back in Q1 2019 with a new edition of the Quarterly Rundown!

– Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.