According to research by our friends at NordVPN, one of the leading cybersecurity companies, adult content, streaming, and video hosting sites have the most security and privacy threats, such as malware, intrusive ads, and trackers. Research shows that NordVPN’s Threat Protection feature, whose sole purpose is to protect people from such threats, blocked 344M trackers, 341M intrusive ads, and 506K malware infections in the month of December 2022 alone.
“The online world is challenging people in every single move they make. Want to read an article? Dozens of ads and pop-ups are ready to immediately cover your screen. Another privacy threat – malware – is lurking for you on websites and in files you are about to download. Websites you browse are also full of third-party trackers that analyze your browsing history to find out what you do online. It depends on you to stop it,” says Adrianus Warmenhoven, a cybersecurity advisor at NordVPN.
Adult content sites contain the biggest amount of malware
Malware is malicious software that seeks to damage or compromise a device or data. Malware’s scope varies from relatively harmless to extremely dangerous. Malicious software can track people’s data, steal sensitive information, or even delete it without your consent.
NordVPN research shows that adult content sites (21%), as well as cloud storage providers (14%) and entertainment sites (11%), contain the biggest amount of malware. In December, Threat Protection blocked 60.4K, 40.1K, and 30.9K domains of these categories respectively.
Among the most common types of malware are viruses, spyware, worms, trojans, adware, scareware, ransomware, and fireless malware.
Streaming media sites have the most intrusive ads
Intrusive advertising refers to pushing invasive and irrelevant ads in front of consumers. They irritate users by popping up unexpectedly, blocking the host page, opening new pages and windows, or playing video and audio at inopportune times.
As for intrusive ads, the majority of them were found on streaming (23%), adult content (16%), and online shopping (9%) sites. Threat Protection detected and blocked millions of them: 552M, 389M, and 226M respectively.
“Today, ad blockers are essential for both security because they block ads that can infect people’s devices and privacy because annoying ads rely on collecting data from web activity and violating people’s privacy. Also, if a website is loading slower than usual, you can blame intrusive ads. Free apps filled with unwanted ads could also drain your device’s battery faster,” explains Adrianus Warmenhoven.
Video hosting sites have the biggest number of trackers
While many trackers are a tool for advertising and improving user experience, they may also become handy for online spies. Internet service providers (ISPs), marketing agencies, social media companies, and governments can access your online actions and breach your privacy.
NordVPN’s Threat Protection showed that video hosting sites (22%), cloud storage providers (16.31%), web email (16.25%), and information technology sites (12%) have the most trackers. Video hosting sites alone had 239 billion trackers blocked by Threat Protection in December 2022.
It’s worth adding that earlier NordVPN research showed that the average number of trackers per website is highest in Hong Kong (45.4 trackers), Singapore (33.5), the United States (23.1), and Australia (18.6).
“You can become less trackable online by declining third party cookies, because the website can sell your browsing data to third parties; using a VPN, which will hide your real IP address and location; installing a tracker blocker, which will stop your browsers from collecting information about you; and using privacy browsers, which can obfuscate your browser fingerprint, or ditching Google, which tracks a lot of data about you,” says Adrianus Warmenhoven.
Threat Protection scans your files before you download them, identifies threats, and blocks them before they can harm your device. The feature is free with every NordVPN subscription – and it allows you to go online without leaving a trace, protecting your privacy and improving your digital security.
Methodology: The statistics mentioned above were acquired by analyzing aggregated data gathered by the NordVPN’s Threat Protection service in January 2023. No identifiable user information was collected, reviewed, or otherwise involved when the research and compiled results were conducted.
Within the global sector of cyber security, the two major areas that are constantly under attack are financial and governmental. Financial organizations that hold consumer data, in particular those that provide financial services to retail and commercial customers, including banks, investment companies, real estate firms, retail banking and insurance companies, are an obvious target for the simple fact that this is where the money is. At the end of the day, unless an attack is of a personal nature, in which the reputation of an individual or business is targeted, monetary assets are the endgame.
Now imagine a cyber threat the same as you would a burglar walking down the street. When a thief leaves their home, they do not necessarily know what they are going to target, unless they have done some reconnaissance and are after something specific. In most cases, however, the target itself is not premeditated. And a house which is more vulnerable and has less defences, will always be the first point of call. Given the choice between a house with an open window and lights out, and a house with attack dogs, security cameras and search lights, nine times out of ten a burglar will take the opportunity to infiltrate the house with the open window. Why? Because it is easier and quicker to break into this house successfully.
The same applies within the finance industry. If there is a vulnerability, it will be the first target. In response, banks and financial institutions require tailored and sophisticated security to support their systems and people, and to defend against an onslaught of complex and aggressive cyber-attacks. Not only must security compliance within the financial sector be tenfold, but it is essential that security precautions evolve, to mirror the growing threat landscape.
But as new cyber threats develop daily, this is easier said than done.
Anti-Fraud Systems
To uphold compliance, and elements such as GDPR, antifraud systems within the finance industry have developed significantly over the last few years to safeguard credentials. To do this a combination of key codes, two factor authentication, voice ID, behavioral analysis, one-time passcodes, protective messaging, and digital fingerprinting have been widely integrated.
In fact, if you look at the document, ‘Comparison of banking providers’ fraud controls’, from the Financial Conduct Authority (FCA), the majority of banks use a combination of these systems. With organisations including the Bank of Scotland, First Direct, Halifax and HSBC, using touch identification. An element that would seem almost impossible to recreate virtually.
But cyber criminals have a concerningly accurate knowledge of the internal workings of banking and banking systems. And, in 2019, an arena known on the dark web as Genesis Market was uncovered. Within Genesis Market, digital fingerprints, stolen from PC’s, were/are sold. And, with each fingerprint, a user’s digital identity provides the means to bypass security measures and gain access to accounts.
According to darknetstats, Genesis Market is accessible by invitation alone. Once in, not only are fingerprints available, but so are passwords, credit card information, cookies and more.
It is no wonder that retina scanners are developing in the biometrics/banking sphere.
Internal Threats
It can be argued that the reason why many cyber criminals know so much about the inner workings of financial organisations is because, at one point or another, many worked legitimately within the industry. Internal teams pose as much of a threat as external attacks. In every Bond film there is always an insider guy.
But whether an attack is malicious or accidental, internal security breaches are regular occurrences. Which us why User Behavior Analytics is crucial to understand the actions within a team, and to highlight and stop unusual activity before the damage is done.
Another element that is important to recognize with regards to internal threats, is that many employees/insiders are completely unaware that they are a threat in the first place. Take, for instance, an employee working remotely. This employee may be sat at a local café where they decide to work on a company device. If this device was unknowingly hacked while using a different Wi-Fi, the user may be completely unaware that they are spreading malicious malware via their device throughout the company.
Ransomware
Say a crime group has gained access to personal accounts. The next logical step is to blackmail the victim/organization via ransomware. Unfortunately, as a public security breach would cause mass panic and many potential lawsuits, banks will often pay off cyber criminals into an anonymous cryptocurrency account, rather than lose client data. Crime groups know this.
Sometimes victims speak out, but this does not always end well.
Take Travelex, the currency exchange company, for instance. Following an attack by a Sodinokibi ransomware in January, $6 million usd was demanded in exchange for 5GB of personal data. Since the attack, Travelex has fallen into administration, with PwC saying that the ‘foreign exchange firm was acutely impacted by COVID and the recent cyber-attack.’
For financial organisations, ransomware can and will destroy a whole business. And, if they lock you out of an account, you are finished.
App Developments
Apps surrounding investment and finance have grown substantially in 2020. This, in part, is a good thing, as the ability to invest online is quick and easy, and accessible to all. But due to the demand, many of these apps were developed quickly and are underprepared for cyber-attacks.
For instance, many do not provide two-factor authentication, are not supported by the appropriate regulations, are not patched or maintained properly, and do not have contingency plans in place to mitigate the effects of a cyber-attack. As a result, personal information of app users is relatively easy to steal and sell. This can be done by creating duplicate fraudulent apps to trick the user. On these duplicate apps, the imagery and language of the genuine app is mirrored. And, once the personal information is supplied, both real and virtual money is then accessible. Thus, the circle of ransomware ensues.
COVID-19
Another element to take into consideration over the past two years and counting is, of course, COVID-19. According to an article by ComputerWeekly, ‘what has been referred to as an “unprecedented anomaly”, cyber criminals were and to some degree still are increasingly targeting the financial services sector during the Covid-19 coronavirus pandemic, with attacks on banks and other financial institutions spiking by 38% between February and March of 2020 to account for 52% of all attacks observed by VMware’s Carbon Black Cloud.’
COVID-19 has altered cyber security on a global scale and in every vertical.
Third-Party Risk
These days, few organisations work on their own. The majority use third parties, including vendors, partners, e-mail providers, service providers, web hosting, law firms, data management companies, subcontractors and so on. With regards to many of these, from IT systems to sensitive information shared with legal teams, these third parties could easily be a backdoor into your financial systems for attackers to infiltrate.
According to Ponemon Institute, ‘53% of organisations have experience one or more data breaches caused by a third party, costing an average of $7.5 million to remediate.’ For a large organisation, this can be crippling. And can wipe out a small organisation in a matter of minutes.
To manage third parties, financial organisations must have the ability to detect threats, and the capability to respond to them. Which requires the right combination of people, processes, and technologies.
But half the battle is locating vulnerabilities in the first place. Which is why cyber resiliency needs to be sharp, and why investing in the best managed security services is essential. From Firewall Management, to Decoy Deception and Honeypots, it is important to know what services will support an organisation best. This will depend on factors including location, company size, current security measures and more.
Considerations
Cyber threats will continue to grow into 2023. That much is clear.
Financial organizations have either already tackled a cyber-attack, will tackle one in the very near future, or may be a target of one currently, but are simply unaware of the fact.
Effective security comes down to three key elements. Processes, people and technology. Processes must run seamlessly alongside the organisation. Security experts must have the capability to detect, react and understand the context of a risk. And the technology must be superior, to keep up with cyber threats. All elements are equally as important, and you must have all three to ensure security.
In times like these security measures are more crucial than ever. Especially for those within finance. So that our life savings are secure, the security of our loved ones is maintained, and the livelihoods of those employed within the financial world continues. Contact SecurityHQ for a free consultation to learn more. For the Silo, Eleanor Barlow.
As the 2022 school year comes to an end, the surge of summer travel plans begins. With an estimated60%of Canadians and Americans planning at least one trip over the next 3 months, hackers have roughly 200,000,000 projected tourists to prey on.
Lookout’s Cyber Security Expert, Hank Schless, shares how these cyber-attacks usually capitalize on travelers who are often overwhelmed or distracted when in unfamiliar environments, like airports and cafes.
>> Public Wifi Connections
“Although many airports offer free Wi-Fi connectivity, you should make sure that you join the official airport network and not a similar network that is configured to trick travelers into giving up their usernames and passwords”
Attackers have been known to set up fake networks – with obvious but convincing names like ‘Starbucks_Guest_WiFi’.
Once you connect, they’ll gain access to sensitive information, including your login credentials, emails, and messages.
In order to protect yourself from wifi threats, alter your device’s settings so that it does not automatically connect to nearby networks, which the Lookout app does automatically.
>> Social Awareness & Juice Jacking
While on the go, travelers rely on power outlets and USB cords to keep their mobile device’s battery charged. Attackers can exploit USB chargers by loading malware onto them that infects your device the second you plug it in – Always be aware of your surroundings.
If someone approaches you and offers their USB charging cord, it is best to decline.
Always travel with your personal USB cords, and plug your charger directly into an electrical socket (vs USB port) if possible.
The easiest place for a scammer to steal or hack your phone is in crowded areas – so never leave your phone or device unattended and only let people you know “borrow” your devices.
>> SMS and Email Travel Updates
“It’s important to be on guard for travel-related email, text, and social media scams as well. Attackers may try to steal a traveler’s credentials through phishing campaigns that pretend to be an airline, credit card company, or TSA”
Here’s how it works: A scammer will send a message telling the recipient that their TSA PreCheck needs to be renewed, but the link in the renewal email leads to a fake site where hackers can accept payment and steal a victim’s personal information.
Although the TSA sends renewal reminder texts and emails, travelers should always go directly to the TSA website for information on their existing accounts.
For added protection, consumers can also download security – Security protection, like the Lookout app, will automatically monitor and identify scam URLs in email, text messages, and on the web and block you from threats that can do harm.
Cybercriminals are constantly attempting to exploit vulnerabilities that affect as many people as possible to maximize their profit opportunities.
According to the recent Atlas VPN team findings, Google and Microsoft accumulated the most vulnerabilities in the first half of 2021. Although not all exposures can cause critical damage, hackers could exploit some of them for severe attacks.
Google had 547 accumulated vulnerabilities throughout the first half of 2021. Exploiting Google products like Chrome is popular among cybercriminals. Next up, the second most exposures were found in Microsoft products — 432. State-sponsored threat actors from China abused Microsoft Exchange Server vulnerabilities to carry out ransomware attacks.
Oracle registered 316 total vulnerabilities in the first six months of 2021. Usually, the exploits are found in Oracle WebLogic Server, which functions as a platform for developing, deploying, and running enterprise Java-based applications.
Networking hardware company Cisco accumulated 200 vulnerabilities. Lastly, the producer of software for the management of business processes SAP had 118 exploits in total. Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on Microsoft and Google vulnerabilities: “Exploiting vulnerabilities in Google or Microsoft products allow cybercriminals to probe millions of systems. While the tech giants are doing a fair job of keeping up with exploits and constantly updating their software, people and organizations need to follow suit and keep up with the updates to prevent further exploitation.”
Vulnerability tiers
Exploits that can be turned into a severe attack get more attention from cybercriminals and companies themselves to fix the flaw as soon as possible. In the first half of 2021, there were 1,023 vulnerabilities found with a risk tier of 10.
One of the exploits that applied to such a tier is CVE-2021-22986, with a score of 9.8. National Vulnerability Database (NVD) issued risk tier 9 to 927 vulnerabilities. At this tier, exploit CVE-2021-28111 stood out with a score of 8.8. NVD recorded most vulnerabilities at a risk tier of 8 — 2,164. A notable exploit was CVE-2021-24092, with a score of 7.8. Finally, NVD recorded 501 vulnerabilities at risk tier 7. While second-most vulnerabilities — 1,765 — were found at tier 6.
Is there any question that Artificial Intelligence, or “AI”, is going to play a huge role in the future? The short answer is no- it’s already playing a large part today, so let’s delve into this new tech and look at how it is benefiting the energy sector and what we can expect to see from this AI phenomenon in the not so distant future.
Tokyo edges Singapore (2nd) and Osaka (3rd) again to take the top spot globally in 2019.Two North American cities make up the top ten, including Toronto (6th) and Washington, DC, (7th).The remaining top ten cities are: Amsterdam (4th), Sydney (5th), Copenhagen and Seoul (tied 8th) and Melbourne (10th).The 2019 edition of the index includes ten new indicators, of which eight are related to environmental resilience.
The Economist Intelligence Unit today releases the third edition of the Safe Cities Index (SCI) at the Safe Cities Summit in Singapore. The index, which is the centre piece of a research project sponsored by NEC Corporation, ranks 60 cities worldwide across five continents. It measures the multifaceted nature of urban safety, with indicators organised across four pillars: digital, infrastructure, health and personal security.
Cities in the Asia-Pacific (APAC) region make up six of the top ten safest cities, with Tokyo taking the top spot for the third time in a row. Along with Tokyo, other APAC cities, as in the past, dominate the SCI2019. Singapore and Osaka come second and third, while Sydney and Melbourne also make the top ten.
Toronto and Washington, DC, are the highest ranked North American cities in the SCI2019, with Washington, DC, entering the top ten for the first time. Overall, North American cities perform well in digital security, accounting for seven of the top ten cities in this category. These cities include Chicago, Washington, DC, Los Angeles, San Francisco, Dallas, New York and Toronto.
Vaibhav Sahgal, consultant at The Economist Intelligence Unit, says: “US cities continue to perform well in digital security as the government strengthens its cyber-security regulations, while Canadian cities tend to fare better than their US counterparts in personal security. None of the cities in the US make it into the top 20 in the personal security category—Washington, DC, only ranks 23rd, together with Shanghai.”
The SCI2019 benefits from a major revision designed to better capture “urban resilience”—the ability of cities to absorb and bounce back from shocks—a concept that has had an increasing influence on thinking in urban safety over the last decade, especially as policymakers worry about the implications of climate change. The 2019 edition is the third, following the 2015 and 2017 iterations.The SCI2019 scores are not evenly spread, with a large number of cities clustered at the top, and the rest showing wider variation in scores. Just ten points separate the overall scores of the top 24 cities, while the following 36 are 40 points apart. The research shows that levels of transparency in cities correlate as closely as income with index scores.
Research shows that the performance of different safety pillars correlates very closely with each other, signifying that different kinds of safety are thoroughly intertwined. The top performers in each pillar are as follows: Digital security: Tokyo (1), Singapore (2), Chicago (3), Washington, DC, (4), Los Angeles/San Francisco (5)Health security: Osaka (1), Tokyo (2), Seoul (3), Amsterdam (4), Stockholm (5)Infrastructure security: Singapore (1), Osaka (2), Barcelona (3), Tokyo (4), Madrid (5)Personal security: Singapore (1), Copenhagen (2), Hong Kong (3), Tokyo (4), Wellington (5) The leading cities got the basics right, including easy access to high-quality healthcare, dedicated cyber-security teams, community-based police patrolling and/or disaster continuity planning. The accompanying SCI2019 report explores the index results, incorporating 14 in-depth interviews with industry experts around urban safety.
Naka Kondo, senior editor at The Economist Intelligence Unit, and editor of the SCI2019 report says: “Overall, while wealth is among the most important determinants of safety, the levels of transparency—and governance—correlate as closely as income with index scores. Our research shows the many ways that transparency and accountability are essential in every pillar of urban security, from building safer bridges to developing the trust needed for relevant stakeholders to share information on cyber-attacks. The research also highlights how different types of safety are thoroughly intertwined—that it is rare to find a city with very good results in one safety pillar and lagging in others. Policies, service planning and provision should also take this into account—and this year, we have decided to convene stakeholders from around the world in a Safe Cities Summit to discuss such matters around urban safety.”
“You pay your money, as the saying goes, and you take your chances.” says Falkowitz, CEO of Area 1 Security. “More and more these days, it seems like this ‘policy’ is the rule rather than the exception, in everything from health care insurance to the commuter parking lot. Even though you’ve paid for the product or service, no one’s really responsible for some reason when you suffer damages while consuming whatever it is you bought. Or worse yet, you somehow find that whatever you bought doesn’t really do what you bought it for. And there’s an asterisk somewhere in the fine print to explain why. Unfortunately, nowhere is this more prevalent than in today’s cybersecurity industry.”
Despite the billions spent on cybersecurity we continue to suffer the most debilitating and expensive breaches imaginable, and some that cannot be imagined under any circumstances. Yet experts predict the worst is still to come. Cybercrime has moved from data theft and website defacement to a trajectory that includes data manipulation, data loss and eventually, if something is not done to change the economics of being a bad guy on the internet, threats to the stability of society itself.
“Cybersecurity companies seem to be content to collect their millions with the caveat that they can’t really offer protection in exchange,” continues Falkowitz. “Their customers likewise collect mountains of data on their customers and are appropriately contrite when that data is stolen or misused but the apology is not accompanied by compensation. Even the government can’t protect itself, or its citizens even if they’re attacked by another nation-state.”
The excuses and the explanations are familiar: Cybersecurity is too complicated. Hackers are too clever. Attacks are unprecedented.
“Nonsense. Every bit of it.” says Falkowitz. “Cybersecurity is no more complicated than hundreds of other things we do routinely, from sending astronauts into space or open heart surgery. Hackers are human, just more persistent about how to fool the rest of us. And attacks are based on the same tried and true methods—phishing—they’ve been using for decades.”
Oren J. Falkowitz is the co-founder and CEO of Silicon Valley’s Area 1 Security. Oren held senior positions at the NSA and United States Cyber Command (USCYBERCOM) where he focused on Computer Network Operations & Big Data and is a predominant cybersecurity industry thought-leader committed to keeping high-level national security conversations relevant. For the Silo, by Jennifer Vickery.