The Price of Cybercrime: Protecting the Business You’ve Built from Hacks and Attacks

Cybercrime has a price. One that more and more business owners find themselves paying. 

The costs push well into the six figures, according to the U.S. Federal Bureau of Investigation’s (FBI) 2022 cybercrime report. On average, a business email compromise (a form of usually through targeted phishing or other account hacking) siphons $125,611 in funds. Ransomware attacks hold company data hostage for an average of $14,403. And data breaches level businesses for an average loss of $164,336. 

Cybercriminals increasingly wage these attacks against businesses with revenues of $500,000 or less, which makes the thought of a six-figure loss for them even more sobering. Retailers, professional service providers, real estate companies, medical practices, and other businesses like them now find themselves the preferred targets for a growing body of cybercriminals. 

Yet you can help prevent your business from getting hit.  

To counter this rise in attacks, we created McAfee Business Protection in partnership with Dell. It offers an all-in-one solution, with automated protection features that help secure a company’s employees, along with their data, devices, and online connections. Intuitive setup and guidance for each employee strengthen their personal security posture and fortify the overall security of your business as a result. 

And today, there’s an absolute need for that kind of protection. 

Why would a cybercriminal target my business? There are bigger fish out there. 

Cybercriminals have good reasons for targeting businesses with revenues of $500,000 and less: 

These businesses often lack online protection tools and support, making them more vulnerable to attacks than larger organizations with stricter security measures in place. 
Attacking these businesses often requires lower degrees of technical expertise. Cybercriminals can buy or rent hacking tools and services on the dark web that can take advantage of poor security. 
They are prime for ransomware attacks, because many of these businesses don’t have data backed up or data recovery plans in place. 
Their employees aren’t always trained in good security habits, unlike larger businesses that may have such training in place. They may not recognize a phishing email when faced with one. 
Attacks on businesses of this size attract less attention. While cyberattacks on big businesses make big headlines, they often draw significant attention from law enforcement whereas smaller attacks may not.  

Cybercriminals may take in smaller hauls from these businesses, yet they make up for that in volume. They will attack several smaller businesses for smaller dollar amounts, which can rival the funds they’d reap by attacking one large target for one large amount—and with less relative risk. 

Another factor that makes these businesses so attractive to cybercriminals is that one hack can lead to another.  

Case in point, you might recall the massive data breach at Target during the holiday shopping season in 2013. It exposed some 41 million customer records, which cost Target nearly $300 million in settlements and losses. How did the hackers get in? By hacking a local HVAC contractor that used Target’s systems for billing, contracts, and project management.  

This shows how a breach in even the smallest of links in the supply chain can lead to yet another breach that impacts millions of people.  

As always, hackers look for easy, low-risk targets that offer the highest reward. In the case of businesses that make $500,000 a year or less, they’ve found exactly that. 

Two roadblocks to a more secure business: time and remote workers. 

Even as cybercriminals increase their attacks, both time and remote work only increase the risk to businesses.  

Time is an issue business owners know well already. There’s never enough of it, which means some aspects of the business get prioritized over others. In this mix, cybersecurity suffers. 

Our own research in the U.S. and Europe found that 63% of small business owners spend an hour or less on protecting their business a week. Moreover, 45% manage security in an ad-hoc way. It’s understandable, given that business owners would rather invest time in growing their business than in managing their security. However, this low prioritization puts the business at risk, which could result in those six-figure losses mentioned above. 

The advent of remote work introduces further security issues as well. In the wake of the pandemic, many employees continue to work remotely or remotely part of the time.

The implications for security can be significant. Whether working from home or some other location like a café, these employees may not have proper cybersecurity protection in place. Further, they may be using unsecure networks or Wi-Fi that can put company data at risk—not to mention their data as well. In all, remote workers can find themselves quite vulnerable. 

Protection from breaches and attacks with security that’s built for your business. 

As we created McAfee Small Business protection, we kept these issues in mind. We created protection that’s strong, and we made it straightforward as well. Business owners can set it up for their employees quickly and put controls in place to ensure they’re secure. Meanwhile our Protection Score measures the overall security of the business and offers guidance that can make it even more secure. 

By design, it offers:  

All-in-one protection: It helps secure your employees, plus their data, devices, and online connections from hackers, malware, viruses, and more with a single solution. 
A solution that grows with your business: Employers can extend protection to each employee, protecting their data, devices, and online connections with custom guidance that strengthens their security posture. 
Simple and guided management: Automated protection and timely alerts let employers know when something needs attention, even when on-the-go, all from the Security Console. 
Support when you need it: Our team of experts is available by phone or chat to help with setup or guidance when something needs attention.  
The performance you demand: McAfee’s next-generation threat protection helps secure data and devices from threats both known and unknown and keeps devices running safely and smoothly.    
A trusted expert in security: McAfee has more than 35 years of experience protecting millions of people and their devices around the globe with award-winning security that’s recognized by SE Labs, AV-TEST, and AV-Comparatives. 

Further features secure your business in breadth and depth: 

Device protection ensures that operating systems are up to date, devices have password protection, and that files get encrypted when and where possible. 
Web Protection sidesteps phishing attacks and malware downloads with clear warnings of risky websites, links, and files.  
A secure VPN can automatically help keep your data private and secure anywhere your employees go with bank-grade encryption.  
A File Shredder deletes sensitive company files completely to ensure no traces are left behind on your devices.  
Identity Monitoring alerts employees if their personal information is found on the dark web. 

These are just a few of the security features offered, and you can see a full list on our partnership page with Dell here. 

By protecting your business, you protect your customers, clients, and partners too. 

Cybercrime indeed has a price. Beyond the dollars involved, the costs can run yet deeper from there. Downtime in the wake of an attack hits the bottom line. The recovery efforts that follow do as well. Additionally, businesses can suffer reputational damage if an attack also affects their customers, clients, and partners.  

Now, a shift has taken place. Cybercriminals still go after big businesses and major organizations, yet an increasing number of them go after businesses with revenues in the seven or even six figures. Poor security posture is one reason. Another is that even relatively amateur operations can wage attacks with “off-the-shelf” hacking tools found on the dark web.  

In short, every business faces the risk of cybercrime today. 

Yet with the right protection in place, you can avoid paying the price of cybercrime. And the introduction of our new McAfee Business Protection makes it easy in a time when it’s needed most. 

The post The Price of Cybercrime: Protecting the Business You’ve Built from Hacks and Attacks appeared first on McAfee Blog.

USN-6185-1: Linux kernel vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-1076)

It was discovered that the Real-Time Scheduling Class implementation in the
Linux kernel contained a type confusion vulnerability in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-1077)

It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)

It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)

It was discovered that a race condition existed in the Xen transport layer
implementation for the 9P file system protocol in the Linux kernel, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (guest crash) or expose sensitive information (guest
kernel memory). (CVE-2023-1859)

Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2
mitigations with prctl syscall were insufficient in some situations. A
local attacker could possibly use this to expose sensitive information.
(CVE-2023-1998)

It was discovered that the BigBen Interactive Kids’ gamepad driver in the
Linux kernel did not properly handle device removal, leading to a use-
after-free vulnerability. A local attacker with physical access could plug
in a specially crafted USB device to cause a denial of service (system
crash). (CVE-2023-25012)

It was discovered that a use-after-free vulnerability existed in the HFS+
file system implementation in the Linux kernel. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2023-2985)

RangeForce launches Defense Readiness Index to measure businesses’ cybersecurity capabilities

Cyber defense upskilling company RangeForce has announced the release of the Defense Readiness Index (DRI) to enable companies to measure and improve their cybersecurity capabilities. Integrated into RangeForce’s Threat Centric platform and mapped to both the MITRE ATT&CK and D3FEND frameworks, the DRI scores an organization’s readiness to respond to cyberattacks, the firm said in a press release. It also provides cybersecurity upskilling rooted in United States Department of Defense and NATO training to help teams to prepare for threats, it added.

Strong and effective cyber readiness can be challenging for many organizations. The latest Cisco Cybersecurity Readiness Index, which ranks companies in four stages of cybersecurity readiness (beginner, formative, progressive, and mature), found that more than half of organizations fall into either the beginner or formative category, with only 15% in the mature stage. Identity management is recognized as the most critical area of concern with 58% of organizations either in the formative or beginner category, while 56% of organizations were at the lower end of the readiness spectrum for network protection.

Apple patches exploits used in spy campaign ‘Operation Triangulation’

Apple has shipped patches for the remote code execution (RCE) vulnerabilities in iOS that have already been exploited in the wild under the digital spy campaign, dubbed Operation Triangulation.

The campaign used two zero-click iMessage exploits, which compromise devices without any user interaction, based on a pair of bugs in the kernel and WebKit, respectively.

Apple has attributed the discovery of these vulnerabilities to Kaspersky Lab just two weeks after the Russian cybersecurity firm reported discovering an advanced persistent threat (APT) actor launching zero-click iMessage exploits on Russian iOS devices.

Silobreaker unveils new geopolitical cyber threat intelligence capabilities

Security and threat intelligence company Silobreaker has announced new geopolitical threat intelligence capabilities with RANE (Risk Assistance Network + Exchange). The tie-up will see Silobreaker integrate global risk intelligence company RANE’s enterprise geopolitical intelligence into its own platform, providing cyber threat intelligence teams with real-time information about world events that could heighten the risk of cyberattacks.

The integration, announced at Infosecurity Europe 2023 in London, will provide context into highly complex, interconnected events, allowing teams to take proactive steps to reduce their organizations’ exposure to risks impacting business productivity, resiliency, and continuity, Silobreaker said.

Hybrid Microsoft network/cloud legacy settings may impact your future security posture

Once upon a time, the boundary that I worried about and considered that I was responsible for stopped at my Active Directory domain and at the firewall that protected it. Then the boundary of my network moved from the computers under my control to the internet and the connected devices and cloud applications that I now have access to and am linked into. We went from where the stakeholders of the firm were resistant to anything being in the cloud, to where we are now where we know we are half in the cloud and half still on premises.

No longer can I merely worry about the computers listed in my Active Directory Users and Computers snap-in; now I need to be concerned about applications and APIs that could create authentication links into apps that are inside my domain.

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.

iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.
iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.
macOS Ventura is the 19th and current major release of macOS.
macOS Monterey is the 18th release of macOS.
macOS Big Sur is the 17th release of macOS.
watchOS is the mobile operating system for Apple Watch and is based on the iOS operating system.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
