InfoSecBulletin Cybersecurity for mankind
Last year, more than 1.5 million UK companies were attacked by cybercriminals, causing them to lose over £31.5 billion ($40 billion), according to a report from business ISP Beaming.
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
A company surveyed 500 business leaders in 2023 to find out about security breaches that affected their organization. They were asked about the expenses they incurred in dealing with each incident, which included data recovery, replacing IT assets and personnel, business interruption, lost business, and regulatory penalties.
The median figures for each type of cybercrime and business size provided by respondents were calculated and then multiplied by the total number of businesses, using government data.
The report “Price of Insecurity: The Cost of Business Cybercrime in 2023” shows that the total cost of breaches has increased by 138% since 2019, when it was estimated at £12.8bn.
In 2023, around 27% of UK businesses were targeted by cybercrime. On average, these attacks cost £5500.
Cybercrime rates decreased for the largest and smallest businesses, but increased for all SME segments. Small businesses (11-50) saw the highest increase in victims (42%) and costs (396%) between 2019 and 2023.
“While large businesses are proving more resilient to cybercrime, the cost of breaches is soaring, and SMEs are being hit harder than ever before,” argued Beaming managing director, Sonia Blizzard.
“Businesses are investing in training and technology but they’re under sustained attack. So as the use of technology helps business to grow, the investment in cybersecurity training also needs to be maintained.”
Companies are investing more in cybersecurity, including employee training and tools like firewalls, VPNs, and threat management devices. However, cyber-threats like phishing, malware, and insider threats are still common, affecting a large number of people.
BEC and social engineering were the top threats for cybercriminals, followed by credential stuffing and ransomware.
