Intelligent CISO Issue 87 | Page 6


CISO news

Staff who work from home leave businesses open to lethal cyberattack

British businesses fear hackers could completely wipe them out following the devastating cyberattack on Marks & Spencer, a survey has found.

Experts have warned the financial damage from ransom demands and clean-up costs can often cost millions of pounds, enough to jeopardise some firms’ futures.
Two thirds of security leaders at medium- and large-sized companies in the UK admit an assault on a similar scale could ‘cripple’ their organisation.
The poll by Absolute Security was carried out just weeks after M&S was hit over the Easter holidays, costing the retailer £300m and shaving £1bn off its market value. The company polled 250 UK security chiefs through a survey conducted by Censuswide.
M&S boss Stuart Machin recently admitted the attack, caused by ‘human error’, had been ‘the most challenging situation we’ve encountered’. Security leaders revealed staff still working from home remained a major problem, with 62% revealing remote devices were the ‘biggest weakness’ in their digital defences.
The consequences of such an attack are profound, with 63% of the 250 security leaders polled in May revealing the financial loss from ransomware could cripple their organisation.
In response to these growing risks, over a third (34%) have implemented full bans on AI due to cybersecurity concerns, while 30% of CISOs say they’ve already pulled the plug on AI tools within their organisation.

iProov threat intelligence uncovers Grey Nickel threat actor targeting banking, crypto and payment platforms

iProov has revealed details of an active cybercriminal operation that has successfully infiltrated financial institutions worldwide by exploiting vulnerabilities in remote identity verification systems.

“These criminal groups understand that banking, crypto exchanges, e-wallets and digital payment platforms represent some of the highest-value targets for identity fraud,” said Dr. Andrew Newell, Chief Scientific Officer, iProov. iProov’s Security Operations Center (iSOC) observed live operations of the threat actor codenamed Grey Nickel targeting organisations globally with concentrated attacks against banking, crypto exchanges, e-wallets and digital payment platforms in Asia-Pacific, EMEA and North America.
“It is important to understand that these aren’t opportunistic attacks; they represent highly coordinated, specialised operations that pose an existential threat to the digital transformation of banking,” he added.
During its investigation of Grey Nickel, the iSOC team also documented an unprecedented escalation in attacks specifically designed to bypass Know Your Customer (KYC) processes across the financial services sector.
Financial services organisations have long been prime targets for relentless fraud attacks, both by lone perpetrators and highly organised criminal networks. Unfortunately, many of the organisations targeted by Grey Nickel and the KYC attackers had employed liveness detection technologies that appear to be designed to prevent only presentation attacks as opposed to AI-fueled digitally injected attacks.