COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

IBM says a global spear-phishing campaign targeting the COVID-19 vaccine "cold chain" is expanding.

Phishing Campaign Targeting COVID Vaccine 'Cold Chain' Expands

Marianne Kolbasuk McGee • April 14, 2021

Cybercriminals, likely backed by nation-states, are expanding global spear-phishing campaigns targeting the COVID-19 vaccine "cold chain" in an attempt to steal credentials so they can gain "privileged insight" into sensitive information, the IBM Security X-Force says in an updated report.

Fraud Management & Cybercrime

NHS Reports COVID-19 App Success, Backed by Strong Privacy

Latest

Endpoint Security

Unscripted: 3 Security Leaders Dissect Today's Top Trends

Tom Field • April 16, 2021

No script, no filter: Just Microsoft’s Edna Conway and Cisco’s Wendy Nather gathering with privacy leader Michelle Dennedy to discuss the impact of the SolarWinds supply chain attack and to play Buzzword Mystery Date with SASE, CIAM and "passwordless" authentication - are these trends dreamboats or duds?

Fraud Management & Cybercrime

Ransomware Cleanup Costs Scottish Agency $1.1 Million

Mathew J. Schwartz • April 6, 2021

How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.

Governance & Risk Management

Switching Away from Paper Documents for Good

Information Security Media Group • April 1, 2021

Replacing paper documents with an electronic version is one of the many tasks you may be facing as part of the remote work transformation.

Governance & Risk Management

Remote Work Creates Insider Threat Concerns

Nick Holland • March 22, 2021

Recent research highlights the growth in risky remote work behaviors. Dr. Margaret Cunningham of Forcepoint X-Lab discusses the implications of this increase in insider threats and shares risk mitigation strategies.

Email Security & Protection

Analysis: Lessons Learned From Emotet Takedown

Anna Delaney • March 12, 2021

The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.

Governance & Risk Management

The Impact of COVID-19 on Cybersecurity Strategies

Nick Holland • March 10, 2021

The 2021 PwC Global Digital Trust Insights survey shows 96% of businesses will adjust their cybersecurity strategies as a result of the COVID-19 pandemic. Joe Nocera and Vikas Agarwal of PwC offer an analysis.

Cryptocurrency Fraud

Analysis: Feds Crack Down on Cryptocurrency Scams

Anna Delaney • February 26, 2021

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

Fraud Management & Cybercrime

France Warns of Stolen Healthcare Credentials

Marianne Kolbasuk McGee • February 23, 2021

French authorities are warning the country's healthcare sector of the discovery of a glut of stolen credentials, apparently belonging to hospital workers, that were found for sale on the dark web. The alert comes amid a recent rise in ransomware attacks on hospitals and other healthcare entities.

Fraud Management & Cybercrime

IRS Warns of Fresh Fraud Tactics as Tax Season Starts

Scott Ferguson • February 19, 2021

As tax season begins, the Internal Revenue Service is warning that it's seeing signs of fraudsters spoofing the agency's domains and incorporating its logos and language into phishing campaigns.

Fraud Management & Cybercrime

Roses are Red, Romance Scammers Increasingly Make You Blue

Mathew J. Schwartz • February 12, 2021

The ongoing lockdown may be complicating the path of Cupid's arrows. But as another Valentine's Day rolls around, authorities are warning that romance scammers - and other types of fraudsters - are alive and well and have been increasingly preying on unsuspecting victims around the world.

Endpoint Security

Cybersecurity Leadership: Asset Discovery and Visibility

Tom Field • February 8, 2021

In the wake of COVID-19-accelerated transformation and the SolarWinds hack, the importance of understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.

Endpoint Security

Good News: Cryptocurrency-Enabled Crime Took a Dive in 2020

Mathew J. Schwartz • January 25, 2021

Good news on the cybercrime front: "Cryptocurrency-related crime fell significantly in 2020," compared to 2019, reports blockchain analysis firm Chainalysis. Unfortunately, in the same timeframe, ransomware profits surged 311%, stoking calls for a crackdown on ransom payments.