Category Archives: Security

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

Charting the Rise of Ransomware

Posted on by

At the beginning of the year, Risk Management put ransomware at the top of the list when surveying the 2016 cyberrisk threat landscape, and these attacks have arguably come to the fore as cyberthreat of the year, whether you measure by buzz or by increase in incidents.

Indeed, ransomware is not just grabbing headlines—these cyberattacks have quadrupled in 2016, according to a recent Beazley Breach Response Services review of client data breaches. Authorities report a similar surge at large, with the Department of Justice estimating that more than 4,000 ransomware attacks have occurred daily since the beginning of the year, representing a 300% increase from 2015.

buy imuran online www.arborvita.com/wp-content/uploads/2023/10/jpg/imuran.html no prescription pharmacy

In July and August alone, 20% more of Beazley’s clients suffered a ransomware attack than in all of 2015. While the ransoms remain low, often in the range of $1,000, the firm points out that the true costs are dramatically higher due to the extensive review of company systems and data required to ensure the malware has been removed and data is clean.

Looking at specific industries, Beazley noted a significant uptick in attacks against financial institutions in the first three quarters of 2016, with hacking and malware accounting for 39% of breaches in the sector, up from 26% in 2015, and in higher education, these attacks increased from 38% last year to 46% in 2016. Hacking and malware account for a relatively steady proportion of just over half of breaches in the retail sector.

buy synthroid online www.arborvita.com/wp-content/uploads/2023/10/jpg/synthroid.html no prescription pharmacy

Among healthcare organizations, however, human error has spiked, with 40% of industry incidents caused by unintended disclosure compared to 28% last year.

“From what we are seeing, it appears that many hackers are finding it easier to make money by holding companies to ransom for bitcoin than through selling personal data on the dark web,” said Katherine Keefe, global head of BBR Services. “But, the persistently high levels of hacking and malware attacks of all kinds are a reminder that organizations across industries, and of all sizes, need actionable plans ready to implement when a breach occurs.

buy addyi online www.arborvita.com/wp-content/uploads/2023/10/jpg/addyi.html no prescription pharmacy

Check out the infographic below from security intelligence firm LogRhythm for more background on the rise in ransomware, how these attacks are impacting businesses, and how businesses are responding.

ransomware logrhythm
ransomware logrhythm

Water Scarcity Risk: Not Just a Local Political Issue

Posted on by

mining-and-water
There are few issues as politically charged as water, not only because people’s survival depends on it, but also because it is a critical component of so many industries. Agriculture, food and beverage manufacturers, refineries, paper and pulp companies, electronics manufacturers, mining operations and power plants—are of these rely on a continuous and reliable water supply.

When companies move into markets with weak infrastructure or questionable rule of law, drawing on these resources can quickly bring them into conflict with local citizens and, sometimes, the host government. Because of its vital importance, however, water scarcity has become much more than a local issue for businesses.

Water shortages can lead to conflict as competition grows for diminishing resources, as any scarce resource on which people depend is likely to become political at some point in time. One scenario that repeatedly unfolds is as follows: A mining operation depletes local water resources or has a tailings dam accident that contaminates a local river, a protest ensues and the host government intervenes in the project.

buy cymbalta online www.urologicalcare.com/wp-content/uploads/2023/10/jpg/cymbalta.html no prescription pharmacy

Hydroelectric power projects can create a number of similar political risks and some different ones, including relocation of local villages.

In recent years, however, awareness has grown about how water scarcity risk affects political risk at the national and international levels, requiring a different type of analysis.

buy amoxicillin online www.urologicalcare.com/wp-content/uploads/2023/10/jpg/amoxicillin.html no prescription pharmacy

The depletion of rivers, lakes and streams has led to more dependence on below-ground water. More than two-thirds of groundwater used around the world is for irrigating crops, and the rest of below-ground water is used to supply cities’ drinking water.

For centuries, below-ground water supplies served as a backup to carry regions and countries through droughts and warm winters that lacked enough snowmelt to replenish rivers and streams. Now, the world’s largest underground water reserves in Africa, Eurasia and the Americas are under stress, with many of them being drawn down at unsustainable rates. Nearly two billion people rely on groundwater that is considered under threat.

What makes the problem particularly difficult to solve in the emerging markets is that small, often subsistence, farmers are doing the drilling for water. The U.S. military called climate change, including reduced access to water, a “threat multiplier,” potentially threatening the stability of governments, increasing inter-state conflict, and contributing to extremist ideologies and terrorism.

It is always difficult to establish causality with something as complex as politics, but there certainly is circumstantial evidence that water scarcity was a factor in the Syrian uprisings that led to the country’s civil war. In Yemen, some hydrologists warn the country may be the first to actually run out of usable water within a decade, and combatants are making a bad situation even worse by using water and food as weapons against opposing villages. In Sudan, desertification and water scarcity have been cited as having a strong link to the Darfur conflict.

Since water does not respect political borders, the conflicts can become international.  One of the most high-profile disputes has been Ethiopia’s damming of the Nile River for hydroelectric power, potentially threatening Egypt’s ancient water source. In 2013, Egypt’s then-president said he did not want war but he would not allow Egypt’s water supply to be endangered by the dam. Fortunately, in 2015, Egypt, Ethiopia and Sudan signed an agreement allowing dam construction, provided that it did not cause “significant harm” to downstream countries. But the studies into how much harm it could do have not even been completed yet, and the dammed water could be diverted to uses other than power. Thus, the political risk surrounding the Nile River is far from over. Since 1975, Turkey’s construction of dams for irrigation and power have cut water flow into Syria by 40% and into Iraq by 80%, setting off disputes there.

buy nolvadex online www.urologicalcare.com/wp-content/uploads/2023/10/jpg/nolvadex.html no prescription pharmacy

Companies are accustomed to building water into their business plans in developing countries. Environmental impact assessments and proactive community relations programs can bring potential problems to the surface before they start, helping companies manage water in an environmentally and socially prudent manner. The geopolitical risks around water scarcity can be more difficult to manage, however. In this area, companies should consider building water scarcity into their political risk management and forecasting frameworks, factoring it in when making investment and supply chain decisions. If governments cannot find ways of sharing this limited resource, political violence risk may become even more of a factor for international businesses to consider.

This article previously appeared on Zurichna.com.

Defending Against the Cyberrisk of Malicious Insiders

Posted on by

An overwhelming number of businesses increasingly see their greatest cyber threats coming from within, but figuring out what to do about the risk poses a formidable gap, according to a recent study from Mimecast. The email and data security company found that 90% of organizations globally consider malicious insiders a major threat to security, yet 45% report they are ill-equipped to cope with the risk. Indeed, one in seven IT security decision-makers view malicious insiders as their number one threat.

online pharmacy neurontin with best prices today in the USA

Current measures to guard against this risk may still leave significant exposure, and IT managers appear to know it. Those who say they are very equipped on cybersecurity feel virtually just as vulnerable to insider threats as those who believe they are not equipped at all (16% vs. 17%), “indicating that the risk of malicious insiders trumps perceptions of security confidence,” Mimecast reported.

online pharmacy antabuse with best prices today in the USA

Mimecast recommends the following strategies to guard against the risk of malicious insiders:

  1. Assign role-based permissions to administrators to better control access to key systems and limit the ability of a malicious insider to act.
  2. Implement internal safeguards and data exfiltration control to detect and mitigate the risk of malicious insiders when they do strike, to cut off their ability to send confidential data outside the network.
  3. Offer creative employee security training programs that deter potential malicious insiders in the first place and help others to spot the signs so they can report inappropriate activity to their managers. Then, back that up with effective processes to police and act swiftly in the event of an attack.
    online pharmacy zyprexa with best prices today in the USA

  4. Nurture a culture of communication within teams to help employees watch out for each other and step in when someone seems like they’ve become disenchanted or are at risk of turning against the company.
  5. Train your organization’s leadership to communicate with employees to ensure open communication and awareness.

Check out more of the study’s findings in the infographic below:

mimecast_5-tips-to-defend-infographic

Cloud Privacy for Your Enterprise’s Data: Whose Choice?

Posted on by

cloud-securityToday’s headlines are full of reports of ransomware, retail customer data breaches and routine government surveillance of online traffic. The battle between the FBI and Apple over unlocking an iPhone is just the latest story highlighting digital data security as a daily concern.

buy tobradex online bristolrehabclinic.ca/wp-content/uploads/2023/10/jpg/tobradex.html no prescription pharmacy

While teens on Facebook may not worry about who’s looking at their posts, CEOs in the boardroom have a real problem to solve. Not only do large enterprises have to protect themselves against data breaches, they must follow a complex maze of privacy and data-hosting laws that vary by country and state.

Security and compliance can, ironically, become much more difficult thanks to a shift that otherwise makes IT easier and less expensive. Moving IT operations to the cloud has many advantages, but by placing data in the hands of a cloud vendor, companies frequently surrender a lot of control over that data: where it’s stored, how it’s handled and how it’s secured.

Furthermore, most customers have no idea of the physical location of the data center holding their information. That creates an immediate compliance problem with EU data privacy and hosting regulations—and non-compliance can be costly.

As an enterprise customer, having choices as to where your content is stored is crucial to your ability to meet all those requirements. Indeed, data sovereignty has become increasingly important in the wake of Safe Harbor, so companies need cloud solutions that enable them to maintain the highest levels of visibility and control over their data.

buy trazodone online bristolrehabclinic.ca/wp-content/uploads/2023/10/jpg/trazodone.html no prescription pharmacy

Data regulators have (for now) rejected the EU-U.S. Privacy Shield agreement, making it even more important for global enterprises to ensure they remain in compliance with regional privacy laws, protect employee personal information and preserve the confidentiality of valuable corporate intellectual property.

So when considering a cloud vendor, enterprises need to factor flexibility of location into their purchase decision. The ability to use private cloud, public cloud, and/or on-premises storage within a single account will offer global enterprises a flexible range of options. Along with that, enterprises should look for a cloud vendor that offers the enterprise’s IT department maximum visibility and control to choose the right storage location, based on national sovereignty, data sensitivity, and other factors that concern regulators.

Another crucial consideration is the security of the data – in particular, who ultimately controls access. It is really impossible for an enterprise customer to know if there is a hidden “back door” in the vendor’s system that might allow law enforcement (or a clever hacker) to get access to the most sensitive information of the enterprise. More importantly, should the FBI or NSA come calling, the enterprise has no way to know whether their vendor will allow those agencies access to data or if the vendor has agreed to the routine surveillance of their systems and, therefore, the customer data stored there.

buy zestril online bristolrehabclinic.ca/wp-content/uploads/2023/10/jpg/zestril.html no prescription pharmacy

What company or organization would willingly place that kind of responsibility in the hands of a cloud vendor? Because the enterprise is responsible for the protection of its own data and that of its customers, as well as its reputation, the customer rather than the vendor should decide these issues with full knowledge, based on its own core values.

Whether a company has the ability to take on this responsibility, however, does rest with its cloud vendor, because the customer only can control what the vendor allows.

As custodians of the information entrusted to them by customers, cloud vendors have a duty to build in the highest levels of security to protect that data.

Vendors should never be in a position to hand over a customer’s data on their own, any more than a bank should be able to open your safe deposit box without your key. It doesn’t matter what the cloud vendor’s position may be on the continuum between privacy and intelligence gathering. (That’s a major reason Syncplicity has chosen to use a “split key” system that precludes us from having any access to customer data without their express consent.)

In addition, vendors also have a responsibility to provide their enterprise customers with the ability to control precisely where their data are stored. Admittedly, keeping data secure is a daunting task from the vendor’s perspective. Attacks are more sophisticated every day and there are new laws and lots of uncertainty around them internationally.

These are enormously important issues and companies that want to be in the business of managing data for others must take them seriously. Doing anything less than this is an abject failure by the vendor. Enterprise customers need to make these issues a central part of deciding which vendor to use. Doing anything less puts their business – and their customer’s data – in jeopardy.