InfoSecBulletin Cybersecurity for mankind
Last year, more than 1.5 million UK companies were attacked by cybercriminals, causing them to lose over £31.5 billion ($40 billion), according to a report from business ISP Beaming.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
A company surveyed 500 business leaders in 2023 to find out about security breaches that affected their organization. They were asked about the expenses they incurred in dealing with each incident, which included data recovery, replacing IT assets and personnel, business interruption, lost business, and regulatory penalties.
The median figures for each type of cybercrime and business size provided by respondents were calculated and then multiplied by the total number of businesses, using government data.
The report “Price of Insecurity: The Cost of Business Cybercrime in 2023” shows that the total cost of breaches has increased by 138% since 2019, when it was estimated at £12.8bn.
In 2023, around 27% of UK businesses were targeted by cybercrime. On average, these attacks cost £5500.
Cybercrime rates decreased for the largest and smallest businesses, but increased for all SME segments. Small businesses (11-50) saw the highest increase in victims (42%) and costs (396%) between 2019 and 2023.
“While large businesses are proving more resilient to cybercrime, the cost of breaches is soaring, and SMEs are being hit harder than ever before,” argued Beaming managing director, Sonia Blizzard.
“Businesses are investing in training and technology but they’re under sustained attack. So as the use of technology helps business to grow, the investment in cybersecurity training also needs to be maintained.”
Companies are investing more in cybersecurity, including employee training and tools like firewalls, VPNs, and threat management devices. However, cyber-threats like phishing, malware, and insider threats are still common, affecting a large number of people.
BEC and social engineering were the top threats for cybercriminals, followed by credential stuffing and ransomware.
