Story image

As the silly season approaches, ransomware attacks spike

05 Oct 2016

While most people are gearing up to relax during the upcoming silly season, hackers and cybercriminals are buckling down to take advantage of the sheer amount of digital traffic that booms before Christmas.

That’s according to Aura Information Security, cybersecurity consultancy based in Australia and New Zealand. The company offers an unprecedented range of services and level of support for governments and corporates, globally.

Recently, Aura conducted research into the rising cybercrime statistics in the lead up to Christmas, where thousands of consumers will be turning to online stores to purchase gifts for their friends and family.

The organisation has found that over the past year, there’s been a rise in extortion and ransomware traffic.

In fact, 2015 was a record year with 100 new ransomware families discovered. Unfortunately, it’s not just blue chip businesses and banks that are targets; according to Aura, over the coming months it is more likely online retailers will be targeted too. 

With an increase in people making transactions online in the lead-up to Christmas, Aura highlights the fact that this means a lot more credit card (and other personal information) is out there and vulnerable to attack.

So, for businesses that make transactions online and take credit card payments, the cyber security organisation puts emphasis on the fact that they need to make sure your security is up to scratch.

Aura identifies three ways businesses can ensure safe transactions:

  1. Have a plan - be familiar with your website, support systems, network, and compliance requirements to determine the organisation’s current security stance.
  2. Get ready - once you understand your security stance, like most businesses you’ll need to take some action and make changes such as a specific penetration test of your website to understand how a real hacker might go about compromising your website. 
  3. Be prepared - assuming you will not get attacked or breached is a false assumption. If an attack or breach does happen, what would you do and how should you react? Most businesses have not even thought about this and have no plan in place.  

Hackers have a plan, so maybe businesses should too. 

Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”