Hub Weekly Digest: Fintech Hacks, Cloud Protections, Covid Threats, and Biotech Attacks
Hub Security’s weekly digest covers top stories happening around the world related to fintech, critical infrastructure, cloud, and digital asset security.
Join our weekly webinars on the most relevant cybersecurity topics trending in 2020 — stay up to date via our LinkedIn and Twitter.
In last week’s webinar, we discusses Cybersecurity & Critical Infrastructure Security in-depth with Hub Security’s CPO, Ido Helshtock and Sorin Lupu, Head of Business Strategy & International GTM @IECyber.
Manufacturers Say Cybersecurity Threats Starting to Overwhelm Resources
Most manufacturing executives participating in a survey said cybersecurity threats are beginning to overwhelm their resources. Fifty-three percent of respondents said the workload of their security operations exceeds the capacity of their staff “significantly” or “somewhat,” according to a summary of the survey.
“The combination of threat detection/response challenges and staff/skills shortage leads to predictable results,” according to the report by TrapX Security and Enterprise Strategy Group. The summary added that 53 percent “of manufacturing organizations surveyed claim that they have experienced a cyber-attack or other type of security incident in the last 12–24 months.” Such attacks either affected or were aimed at operational technology (OT), the report said. (Source)
Governments Examine Their Relationship to the Cloud & It’s Risks
After a long and continuous push for agencies to move their data and operations to the cloud, the federal government is closely considering what security commitments vendors of the technology and its related services are bringing to the table.
The latest episode of Nextgov’s Critical Update podcast looks at how introducing more certainty around the roles and responsibilities of cloud-based providers and their government customers could help chip away at one factor that might be affecting adoption of the technology: security officials’ fear of losing control. (Source)
Attacks on Biotech and Pharmaceutical Industry Escalate
Attacks on the biotech and pharmaceutical industry had increased by 50% between 2019 and 2020, according to a BlueVoyant report. The report highlighted that nation-states are ramping up cyber attacks on companies that are developing vaccines, and this is likely to increase as production and distribution gets underway.
The analysis examined open source records of 25 publicly reported attacks that have taken place in the last four years. It set out to define key risks and how COVID-19 has changed the threat landscape. Establishing that ransomware is still the number one threat vector for this industry, the report identifies the key risks that companies face and the steps they need to take to mitigate these. (Source)
COVID-19 Sparks Permanent Shifts in Cybersecurity Approach & Strategy
Remote work has caused chief information security officers to shift spending priorities toward identity access management, endpoint and cloud security. COVID-19 has been a benefactor for next-generation security companies that participate in these sectors.
In this week’s Breaking Analysis, we’ll provide you with our quarterly update of the cybersecurity market and share fresh Enterprise Technology Research data on the market. We also have the results from the most recent VENN roundtable conducted by ETR’s Erik Bradley with three senior CISOs. (Source)
Financial Institutions Cheese Bank, Akropolis, Value DeFi & Origin Protocol Were All Hacked This Week
If people actually used insurance against hacks, this week would definitely have bankrupted a great many insurers. In the span of one week, a total of four flash loan-enabled exploits were registered (one actually happened the week before, but wasn’t noticed until later).
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol’s loss of $7 million. In total, the hackers stole $18.3 million, which admittedly, is not that much — less than the single October exploit of Harvest Finance. (Source)
