According to a recent survey conducted by Opinium, remote workers are flouting best security practices and sharing work devices at home. “The data clearly shows workers understand the problem. 66% said they are more aware of cyber security threats since shifting to home working. Nearly half believe they personally … and their companies … are at increased risk of cyberattacks,” wrote Help Net Security. Despite the increased awareness, the survey suggests that employees aren’t always taking responsibility for their role in protecting the organization. At the same time, “29% of those surveyed said their company isn’t doing enough to protect them from cybersecurity threats.”
Meanwhile, attackers are leveraging this gap in protection and continuing to capitalize on pandemic trends, researchers at Palo Alto Network’s Unit 42 found. “We found that vaccine-related phishing attacks rose by 530% from December 2020 to February 2021, and that phishing attacks relating to and/or targeting pharmacies and hospitals rose by 189% during that same timeframe.”
Alas, much more has happened in cybersecurity this week. Let’s take a look at what made industry headlines.
Mar. 25: Security Week reported, “Business communications platform Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to any other Slack user.”
Mar. 24: A cyberattack on CNA—a top US provider of cybersecurity insurance—has forced the company to take its systems offline.
Mar. 24: “A ransomware attack on leading internet-of-things (IoT) manufacturer Sierra Wireless this week ground its production activity to a halt and froze various other internal operations,” Threat Post reported.
Mar. 23: Covering an event hosted by the Auburn University Center for Cyber and Homeland Security, the Cybersecurity 202 reported that CISA’s acting director Brandon Wales, “urged state and local governments to take advantage of its Multi-State Information Sharing and Analysis Center program, which provides cybersecurity resources to state, local and tribal governments.”
Mar. 22: In a podcast with the Federal News Network, Secret Service Deputy Director Greg McAleer, and FBI Cyber Division Unit Chief Ryan Pierrot, offered advice to help organizations protect against ransomware attacks.Mar. 22: News from The Hill suggests that the public core—the heartbeat of the Internet—is “highly vulnerable to manipulation and disruption that could inflict terrible damage on the United States.”