Hackers with ties to China\u2019s government have reportedly gotten into some American internet service providers.
\nThe hacking campaign, dubbed Salt Typhoon by investigators, was targeting sensitive information, the Wall Street Journal (WSJ) reported Wednesday (Sept. 25), citing sources familiar with the matter.
\nAs the report noted, it marks the latest in a series of hacks that investigators in the U.S. say are connected to China.
\nIn this case, the hack involved an incursion into U.S. broadband networks, with cybercriminals setting up a foothold inside the network that let them access data stored by telecommunications companies or carry out cyberattacks.
\nAccording to the WSJ, former U.S. intelligence officials say the alleged hack seems to be audacious in its scope, even by the standards set by past attacks by China-linked hackers.
\n\u201cThis would be an alarming \u2014 but not really surprising \u2014 expansion of their malicious use of cyber to gain the upper hand over the United States,\u201d said Glenn Gerstell, former general counsel at the National Security Agency.
\nHe added that China had long depended on cyber theft to steal industrial or military secrets before quietly establishing itself within critical U.S. infrastructure.
\n\u201cNow it seems they are penetrating the very heart of America\u2019s digital life, by burrowing into major internet-service providers,\u201d he said.
\nSources told the WSJ that investigators are probing whether the hackers got access to Cisco Systems routers, and that Microsoft is looking into the intrusion and what sensitive information may have been accessed.
\nThe report is the latest bit of bad news in a year dominated by high-profile cyberattacks on the country\u2019s ports, automotive sector and healthcare system.
\nIn the wake of these incidents, PYMNTS wrote last week, cybersecurity has become a chief concern for organizations of all sizes, serving as a brutal reminder that no company, no matter its size or resources, can escape cyber threats.
\n\u201cThese breaches have not only exposed millions of personal data records but also revealed vulnerabilities in the systems used by businesses and their service providers,\u201d that report said.\u00a0\u201cAs cyberattacks grow in frequency and sophistication, the responsibility to reduce the attack surface \u2014 the totality of vulnerabilities that hackers could exploit \u2014 is increasingly falling on businesses and their service providers.\u201d
\nThe post Report: China-Connected Hackers Breach US Broadband Networks appeared first on PYMNTS.com.
\n", "content_text": "Hackers with ties to China\u2019s government have reportedly gotten into some American internet service providers.\nThe hacking campaign, dubbed Salt Typhoon by investigators, was targeting sensitive information, the Wall Street Journal (WSJ) reported Wednesday (Sept. 25), citing sources familiar with the matter.\nAs the report noted, it marks the latest in a series of hacks that investigators in the U.S. say are connected to China.\nIn this case, the hack involved an incursion into U.S. broadband networks, with cybercriminals setting up a foothold inside the network that let them access data stored by telecommunications companies or carry out cyberattacks.\nAccording to the WSJ, former U.S. intelligence officials say the alleged hack seems to be audacious in its scope, even by the standards set by past attacks by China-linked hackers.\n\u201cThis would be an alarming \u2014 but not really surprising \u2014 expansion of their malicious use of cyber to gain the upper hand over the United States,\u201d said Glenn Gerstell, former general counsel at the National Security Agency.\nHe added that China had long depended on cyber theft to steal industrial or military secrets before quietly establishing itself within critical U.S. infrastructure.\n\u201cNow it seems they are penetrating the very heart of America\u2019s digital life, by burrowing into major internet-service providers,\u201d he said.\nSources told the WSJ that investigators are probing whether the hackers got access to Cisco Systems routers, and that Microsoft is looking into the intrusion and what sensitive information may have been accessed.\nThe report is the latest bit of bad news in a year dominated by high-profile cyberattacks on the country\u2019s ports, automotive sector and healthcare system.\nIn the wake of these incidents, PYMNTS wrote last week, cybersecurity has become a chief concern for organizations of all sizes, serving as a brutal reminder that no company, no matter its size or resources, can escape cyber threats.\n\u201cThese breaches have not only exposed millions of personal data records but also revealed vulnerabilities in the systems used by businesses and their service providers,\u201d that report said.\u00a0\u201cAs cyberattacks grow in frequency and sophistication, the responsibility to reduce the attack surface \u2014 the totality of vulnerabilities that hackers could exploit \u2014 is increasingly falling on businesses and their service providers.\u201d\nThe post Report: China-Connected Hackers Breach US Broadband Networks appeared first on PYMNTS.com.", "date_published": "2024-09-25T17:20:13-04:00", "date_modified": "2024-09-25T17:20:13-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/hackers-fraud-Internet-Service-Providers-cybersecurity.jpg", "tags": [ "china", "cyberattacks", "Cybersecurity", "Data Breaches", "data security", "Hackers", "hacking", "interner service providers", "News", "PYMNTS News", "Salt Typhoon", "What's Hot" ] }, { "id": "https://www.pymnts.com/?p=2105203", "url": "https://www.pymnts.com/cybersecurity/2024/lawmakers-press-crowdstrike-on-july-failure-ai-dangers-during-house-hearing/", "title": "Trending: Lawmakers Grill CrowdStrike on IT Outage and Cybersecurity Gaps", "content_html": "When your company is responsible for one the largest IT outages in history, the U.S. government is going to want to hear more about it.
\nAnd that\u2019s what took place Tuesday (Sept. 24), when the U.S. House Committee on Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection heard from Adam Meyers, senior vice president, counter adversary operations, at CrowdStrike, during a hearing entitled, \u201cAn Outage Strikes: Assessing the Global Impact of CrowdStrike\u2019s Faulty Software Update.\u201d
\nThe July IT outage severely disrupted key functions of the global economy, resulting in cancellations of 3,000 commercial flights, delays of 11,800 other flights, cancellations of surgeries, disruptions to 911 emergency call centers, and\u00a0a need for companies\u00a0across nearly all commercial sectors to devote millions of manual labor hours to solving the problem.
\nWhile members of the\u00a0House Homeland Security Committee\u00a0had originally asked\u00a0CrowdStrike\u00a0CEO\u00a0George Kurtz\u00a0to appear and give public testimony about the faulty software update, Kurtz instead sent Meyers as his deputy.
\n\u201cThe sheer scale of this error was alarming. \u2026 We are here today to understand what went wrong,\u201d subcommittee Chairman Rep. Andrew Garbarino, R-N.Y., said to open the hearing.
\n\u201cWe need CrowdStrike to be effective and successful because its efficacy and success are the effectiveness and success of its customers,\u201d added ranking member Rep. Eric Swalwell, D-Calif., noting that CrowdStrike holds 17.7% of the global cybersecurity market share.\u00a0
\nRead more:\u00a0CrowdStrike Outage Rolls On; Attention Turns to Software Update Quality Control
\n\u201cJust over two months ago, we let our customers down,\u201d CrowdStrike\u2019s Meyers said to begin his testimony.
\nCrowdStrike is used by 538 Fortune 1000 companies, 298 Fortune 500 firms, and 43 of 50 U.S. states.
\nDelta\u00a0has claimed that the IT outage, which canceled over 5,000 of its flights, will cost it\u00a0$500 million, and in a report published Thursday (Sept. 19), Germany\u2019s Federal Office for Information Security (BSI) found that 10% of German-based organizations impacted by the July outage are dropping their current security vendors\u2019 products.
\nAs PYMNTS reported at the start of the month, CrowdStrike\u00a0faces numerous legal challenges from the glitch that caused a\u00a0global tech outage, while writing about the incident in August, we argued here that the outage underscored the need for companies to have effective\u00a0disaster recovery plans.
\nAsked by lawmakers how CrowdStrike is going to make it right \u201cfor the victims of the incident by making them whole \u2026 and create accountability for the space in the future,\u201d Meyers demurred and saying instead to the fact that 99.9% of systems were up and running soon after the incident.
\nRegarding what actually happened that day in July, Meyers explained to lawmakers that one of CrowdStrike\u2019s Falcon threat detection configurations \u2014 which are sent daily to sensors running on Microsoft Windows devices \u2014 contained an extra input for which there was no defined action. This mismatch led the software to follow a configuration without knowing which rules to follow, triggering a malfunction until the problematic configurations were replaced.\u00a0
\nLawmakers from rural districts highlighted what they framed as a widening digital divide when questioning Meyers about CrowdStrike\u2019s recovery response and the delays suffered by organizations in their regions.
\nRead more: Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks
\nAs noted by Meyers during his testimony, advancements in threat detection, prevention and response capabilities have aided defenders in recent years, but adversaries have responded by increasingly adopting and relying on techniques to evade detection. This includes supply chain attacks, insider threats and identity-based attacks. Threat actors\u2019 speed also continues to accelerate as adversaries compress the time between initial entry, lateral movement, and \u201cactions of objective\u201d (like data exfiltration or attack).
\nAt the same time, Meyers added, the rise of generative artificial intelligence (AI) has the potential to lower the barrier of entry for low-skilled adversaries, making it easier to launch attacks that are more sophisticated and state of the art.
\n\u201cGood AI equals good cybersecurity,\u201d he said. \u201cThere\u2019s a wave of horizon threats that pertain to AI.\u201d
\nAgainst this backdrop, Craigslist\u00a0founder\u00a0Craig Newmark\u00a0reportedly made a $100 million cybersecurity pledge last week (Sept. 18), saying that the United States is \u201cunder attack,\u201d and at risk for\u00a0hacking\u00a0by foreign governments.
\nAnd elsewhere, Disney\u00a0reportedly plans to stop using workplace collaboration platform\u00a0Slack\u00a0following a recent data breach that exposed sensitive information.
\n\n
The post Trending: Lawmakers Grill CrowdStrike on IT Outage and Cybersecurity Gaps appeared first on PYMNTS.com.
\n", "content_text": "When your company is responsible for one the largest IT outages in history, the U.S. government is going to want to hear more about it. \nAnd that\u2019s what took place Tuesday (Sept. 24), when the U.S. House Committee on Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection heard from Adam Meyers, senior vice president, counter adversary operations, at CrowdStrike, during a hearing entitled, \u201cAn Outage Strikes: Assessing the Global Impact of CrowdStrike\u2019s Faulty Software Update.\u201d\nThe July IT outage severely disrupted key functions of the global economy, resulting in cancellations of 3,000 commercial flights, delays of 11,800 other flights, cancellations of surgeries, disruptions to 911 emergency call centers, and\u00a0a need for companies\u00a0across nearly all commercial sectors to devote millions of manual labor hours to solving the problem.\nWhile members of the\u00a0House Homeland Security Committee\u00a0had originally asked\u00a0CrowdStrike\u00a0CEO\u00a0George Kurtz\u00a0to appear and give public testimony about the faulty software update, Kurtz instead sent Meyers as his deputy.\n\u201cThe sheer scale of this error was alarming. \u2026 We are here today to understand what went wrong,\u201d subcommittee Chairman Rep. Andrew Garbarino, R-N.Y., said to open the hearing. \n\u201cWe need CrowdStrike to be effective and successful because its efficacy and success are the effectiveness and success of its customers,\u201d added ranking member Rep. Eric Swalwell, D-Calif., noting that CrowdStrike holds 17.7% of the global cybersecurity market share.\u00a0 \nRead more:\u00a0CrowdStrike Outage Rolls On; Attention Turns to Software Update Quality Control\nCrowdStrike Incident: What Happened?\n\u201cJust over two months ago, we let our customers down,\u201d CrowdStrike\u2019s Meyers said to begin his testimony. \nCrowdStrike is used by 538 Fortune 1000 companies, 298 Fortune 500 firms, and 43 of 50 U.S. states.\nDelta\u00a0has claimed that the IT outage, which canceled over 5,000 of its flights, will cost it\u00a0$500 million, and in a report published Thursday (Sept. 19), Germany\u2019s Federal Office for Information Security (BSI) found that 10% of German-based organizations impacted by the July outage are dropping their current security vendors\u2019 products. \nAs PYMNTS reported at the start of the month, CrowdStrike\u00a0faces numerous legal challenges from the glitch that caused a\u00a0global tech outage, while writing about the incident in August, we argued here that the outage underscored the need for companies to have effective\u00a0disaster recovery plans.\nAsked by lawmakers how CrowdStrike is going to make it right \u201cfor the victims of the incident by making them whole \u2026 and create accountability for the space in the future,\u201d Meyers demurred and saying instead to the fact that 99.9% of systems were up and running soon after the incident. \nRegarding what actually happened that day in July, Meyers explained to lawmakers that one of CrowdStrike\u2019s Falcon threat detection configurations \u2014 which are sent daily to sensors running on Microsoft Windows devices \u2014 contained an extra input for which there was no defined action. This mismatch led the software to follow a configuration without knowing which rules to follow, triggering a malfunction until the problematic configurations were replaced.\u00a0 \nLawmakers from rural districts highlighted what they framed as a widening digital divide when questioning Meyers about CrowdStrike\u2019s recovery response and the delays suffered by organizations in their regions. \nRead more: Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks\nState of Cybersecurity\nAs noted by Meyers during his testimony, advancements in threat detection, prevention and response capabilities have aided defenders in recent years, but adversaries have responded by increasingly adopting and relying on techniques to evade detection. This includes supply chain attacks, insider threats and identity-based attacks. Threat actors\u2019 speed also continues to accelerate as adversaries compress the time between initial entry, lateral movement, and \u201cactions of objective\u201d (like data exfiltration or attack). \nAt the same time, Meyers added, the rise of generative artificial intelligence (AI) has the potential to lower the barrier of entry for low-skilled adversaries, making it easier to launch attacks that are more sophisticated and state of the art. \n\u201cGood AI equals good cybersecurity,\u201d he said. \u201cThere\u2019s a wave of horizon threats that pertain to AI.\u201d \nAgainst this backdrop, Craigslist\u00a0founder\u00a0Craig Newmark\u00a0reportedly made a $100 million cybersecurity pledge last week (Sept. 18), saying that the United States is \u201cunder attack,\u201d and at risk for\u00a0hacking\u00a0by foreign governments.\nAnd elsewhere, Disney\u00a0reportedly plans to stop using workplace collaboration platform\u00a0Slack\u00a0following a recent data breach that exposed sensitive information. \n \nThe post Trending: Lawmakers Grill CrowdStrike on IT Outage and Cybersecurity Gaps appeared first on PYMNTS.com.", "date_published": "2024-09-24T17:41:53-04:00", "date_modified": "2024-09-24T21:49:05-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/CrowdStrike-outage-house-hearing.jpg", "tags": [ "Adam Meyers", "Andrew Garbarino", "CrowdStrike", "Cybersecurity", "Eric Swalwell", "Featured News", "George Kurtz", "House Committee on Homeland Security", "News", "PYMNTS News", "Subcommittee on Cybersecurity and Infrastructure Protection" ] }, { "id": "https://www.pymnts.com/?p=2105099", "url": "https://www.pymnts.com/cybersecurity/2024/moneygram-works-restore-systems-after-cybersecurity-issue/", "title": "MoneyGram Works to Restore Systems After \u2018Cybersecurity Issue\u2019", "content_html": "MoneyGram said Tuesday (Sept. 24) that it is working \u201caround the clock\u201d to bring its systems back online and resume normal business operations after finding a \u201ccybersecurity issue.\u201d
\n\u201cWe continue to make progress in successfully restoring some of our key transactional systems,\u201d the money transfer company said in a Tuesday post on social platform X.
\n\n\n\nWe continue to make progress in successfully restoring some of our key transactional systems. Our dedicated team is actively working around the clock on resuming normal business operations. Once all systems are fully operational, transactions that are currently pending will be\u2026
\n\u2014 MoneyGram (@MoneyGram) September 24, 2024
MoneyGram added in the post that transactions that are currently pending will be made available to customers when all its systems are fully operational.
\nThe post came three days after MoneyGram said it was experiencing a network outage impacting connectivity to some of its systems and was working to better understand the nature and scope of the issue.
\n\u201cWe recognize the importance and urgency of this matter to our customers,\u201d the company said in a Saturday (Sept. 21) post on X.
\n\n\n\nMoneyGram is experiencing a network outage impacting connectivity to a number of our systems. We are working diligently to better understand the nature and scope of the issue. We recognize the importance and urgency of this matter to our customers.
\n\u2014 MoneyGram (@MoneyGram) September 21, 2024
On Monday (Sept. 23), MoneyGram said it identified a cybersecurity issue affecting some of its systems.
\n\u201cUpon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline which impacted network connectivity,\u201d the company said in a Monday post on X. \u201cWe are working with leading external cybersecurity experts and coordinating with law enforcement.\u201d
\n\n\n\nMoneyGram recently identified a cybersecurity issue affecting certain of our systems. Upon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline which impacted network connectivity. We are\u2026
\n\u2014 MoneyGram (@MoneyGram) September 23, 2024
Eighty-two percent of eCommerce merchants experienced a cyber or data breach in the last year, according to the PYMNTS Intelligence report \u201cFraud Management in Online Transactions.\u201d
\nDirector of National Intelligence Avril Haines told Congress in May that there has been an alarming increase in cyberattacks worldwide and that companies in the United States have emerged as the primary targets for these attacks.
\nCyberattacks on city governments, healthcare systems and a sensitive data storage cloud infrastructure were some incidents that happened this summer that reminded businesses that security is critical, PYMNTS reported in June.
\nCyberattacks that targeted brands and celebrities on TikTok, lab services provider Synnovis, multi-cloud data warehousing platform Snowflake and others sparked concerns that fraudsters and criminal ransomware gangs may be deliberately targeting businesses whose customers and end users would suffer greatly from ongoing and extended disruptions to business. That way, they could exert more pressure on these organizations to pay a ransom, PYMNTS reported in July.
\nThe post MoneyGram Works to Restore Systems After \u2018Cybersecurity Issue\u2019 appeared first on PYMNTS.com.
\n", "content_text": "MoneyGram said Tuesday (Sept. 24) that it is working \u201caround the clock\u201d to bring its systems back online and resume normal business operations after finding a \u201ccybersecurity issue.\u201d\n\u201cWe continue to make progress in successfully restoring some of our key transactional systems,\u201d the money transfer company said in a Tuesday post on social platform X.\n\nWe continue to make progress in successfully restoring some of our key transactional systems. Our dedicated team is actively working around the clock on resuming normal business operations. Once all systems are fully operational, transactions that are currently pending will be\u2026\n\u2014 MoneyGram (@MoneyGram) September 24, 2024\n\nMoneyGram added in the post that transactions that are currently pending will be made available to customers when all its systems are fully operational.\nThe post came three days after MoneyGram said it was experiencing a network outage impacting connectivity to some of its systems and was working to better understand the nature and scope of the issue.\n\u201cWe recognize the importance and urgency of this matter to our customers,\u201d the company said in a Saturday (Sept. 21) post on X.\n\nMoneyGram is experiencing a network outage impacting connectivity to a number of our systems. We are working diligently to better understand the nature and scope of the issue. We recognize the importance and urgency of this matter to our customers.\n\u2014 MoneyGram (@MoneyGram) September 21, 2024\n\nOn Monday (Sept. 23), MoneyGram said it identified a cybersecurity issue affecting some of its systems.\n\u201cUpon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline which impacted network connectivity,\u201d the company said in a Monday post on X. \u201cWe are working with leading external cybersecurity experts and coordinating with law enforcement.\u201d\n\nMoneyGram recently identified a cybersecurity issue affecting certain of our systems. Upon detection, we immediately launched an investigation and took protective steps to address it, including proactively taking systems offline which impacted network connectivity. We are\u2026\n\u2014 MoneyGram (@MoneyGram) September 23, 2024\n\nEighty-two percent of eCommerce merchants experienced a cyber or data breach in the last year, according to the PYMNTS Intelligence report \u201cFraud Management in Online Transactions.\u201d\nDirector of National Intelligence Avril Haines told Congress in May that there has been an alarming increase in cyberattacks worldwide and that companies in the United States have emerged as the primary targets for these attacks.\nCyberattacks on city governments, healthcare systems and a sensitive data storage cloud infrastructure were some incidents that happened this summer that reminded businesses that security is critical, PYMNTS reported in June.\nCyberattacks that targeted brands and celebrities on TikTok, lab services provider Synnovis, multi-cloud data warehousing platform Snowflake and others sparked concerns that fraudsters and criminal ransomware gangs may be deliberately targeting businesses whose customers and end users would suffer greatly from ongoing and extended disruptions to business. That way, they could exert more pressure on these organizations to pay a ransom, PYMNTS reported in July.\nThe post MoneyGram Works to Restore Systems After \u2018Cybersecurity Issue\u2019 appeared first on PYMNTS.com.", "date_published": "2024-09-24T16:03:28-04:00", "date_modified": "2024-09-24T16:03:28-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/MoneyGram.jpg", "tags": [ "Cybersecurity", "fraud", "MoneyGram", "News", "PYMNTS News", "Security", "What's Hot" ] }, { "id": "https://www.pymnts.com/?p=2101482", "url": "https://www.pymnts.com/cybersecurity/2024/craigslist-founder-craig-newmark-says-united-states-under-attack-from-hackers/", "title": "Craigslist Founder Craig Newmark Says US \u2018Under Attack\u2019 From Hackers", "content_html": "Saying the United States is \u201cunder attack,\u201d Craigslist founder Craig Newmark reportedly made a $100 million cybersecurity pledge.
\nNewmark said the country is at risk for hacking by foreign governments, The Wall Street Journal reported Wednesday (Sept. 18). As such, Newmark is donating $50 million to protect infrastructure like power grids against cyberterrorism, and the rest of the money to cybersecurity education.
\n\u201cThe country is under attack,\u201d said Newmark, per the report, adding that workers in the cybersecurity sector \u201cneed people to champion them.\u201d
\nNewmark painted scenarios in which connected products such as household appliances would be attacked and cause simultaneous fires, hindering a fire department\u2019s ability to respond, according to the report.
\nThe pledge is part of a larger plan by Newmark to give away the bulk of his wealth. In addition to the $100 million for cybersecurity, Newmark will have given or pledged more than $400 million since founding Craig Newmark Philanthropies in 2015, the report said.
\nHis efforts to beef up America\u2019s digital defenses come amid a wave of reported security breaches, outages and other cybersecurity incidents.
\n\u201c2024 is Already the Year of the Cyberattack\u201d read a PYMNTS headline July 4 after high-profile attacks that weakened the country\u2019s healthcare system and automotive sales industry.
\nSince then, there have been reports of ransomware attacks at the Paris Olympics and the Port of Seattle, as well as a mass outage of IT systems \u2014 affecting airports, banks and hospitals \u2014 tied to a software glitch at cybersecurity firm CrowdStrike.
\nCyber and data breaches are becoming almost unavoidable, and large businesses in the digital landscape will continue to be enticing targets for criminals due to their combination of valuable data, complex systems and the potential for substantial ransom payments.
\nIn interviews for the \u201cWhat\u2019s Next in Payments\u201d series, executives told PYMNTS that a multilayered security strategy, otherwise known as defense in depth, is vital for lowering risks at various levels. It\u2019s an approach that means employing multiple defensive measures across the enterprise network.
\nThe post Craigslist Founder Craig Newmark Says US \u2018Under Attack\u2019 From Hackers appeared first on PYMNTS.com.
\n", "content_text": "Saying the United States is \u201cunder attack,\u201d Craigslist founder Craig Newmark reportedly made a $100 million cybersecurity pledge.\nNewmark said the country is at risk for hacking by foreign governments, The Wall Street Journal reported Wednesday (Sept. 18). As such, Newmark is donating $50 million to protect infrastructure like power grids against cyberterrorism, and the rest of the money to cybersecurity education.\n\u201cThe country is under attack,\u201d said Newmark, per the report, adding that workers in the cybersecurity sector \u201cneed people to champion them.\u201d\nNewmark painted scenarios in which connected products such as household appliances would be attacked and cause simultaneous fires, hindering a fire department\u2019s ability to respond, according to the report.\nThe pledge is part of a larger plan by Newmark to give away the bulk of his wealth. In addition to the $100 million for cybersecurity, Newmark will have given or pledged more than $400 million since founding Craig Newmark Philanthropies in 2015, the report said.\nHis efforts to beef up America\u2019s digital defenses come amid a wave of reported security breaches, outages and other cybersecurity incidents.\n\u201c2024 is Already the Year of the Cyberattack\u201d read a PYMNTS headline July 4 after high-profile attacks that weakened the country\u2019s healthcare system and automotive sales industry.\nSince then, there have been reports of ransomware attacks at the Paris Olympics and the Port of Seattle, as well as a mass outage of IT systems \u2014 affecting airports, banks and hospitals \u2014 tied to a software glitch at cybersecurity firm CrowdStrike.\nCyber and data breaches are becoming almost unavoidable, and large businesses in the digital landscape will continue to be enticing targets for criminals due to their combination of valuable data, complex systems and the potential for substantial ransom payments.\nIn interviews for the \u201cWhat\u2019s Next in Payments\u201d series, executives told PYMNTS that a multilayered security strategy, otherwise known as defense in depth, is vital for lowering risks at various levels. It\u2019s an approach that means employing multiple defensive measures across the enterprise network.\nThe post Craigslist Founder Craig Newmark Says US \u2018Under Attack\u2019 From Hackers appeared first on PYMNTS.com.", "date_published": "2024-09-18T11:47:24-04:00", "date_modified": "2024-09-18T11:47:24-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/Craigslist-cybersecurity-connected-economy.jpg", "tags": [ "Connected Economy", "Craigslist", "Cybersecurity", "Data Breaches", "fraud", "funding", "Hackers", "News", "PYMNTS News", "scams", "Security", "What's Hot" ] }, { "id": "https://www.pymnts.com/?p=2101132", "url": "https://www.pymnts.com/cybersecurity/2024/crowdstrike-launches-subsidiary-to-provide-financing-solutions-for-cybersecurity-platform/", "title": "CrowdStrike Subsidiary to Finance Cybersecurity Platform Solutions", "content_html": "CrowdStrike has launched a wholly owned subsidiary that will provide tailored financing solutions for its CrowdStrike Falcon cybersecurity platform.
\nThe new CrowdStrike Financial Services aims to facilitate customers\u2019 access to the cybersecurity solution, the company said in a Tuesday (Sept. 17) press release.
\n\u201cOn our mission to stop breaches, we are committed to making every point in the security process frictionless for our customers and partners,\u201d George Kurtz, CEO and founder of CrowdStrike, said in the release.
\nCrowdStrike Financial Services offers in-house financing with easy-to-understand terms; flexible payments in the form of monthly, quarterly, annual, skip, step and customizable payment structures; and hands-on customer service from financial professionals during the product acquisition and throughout the financial agreement, according to the release.
\nCustomers can use this financing in combination with CrowdStrike\u2019s Falcon Flex, an adaptable licensing model that makes the Falcon platform\u2019s portfolio of modules more accessible to customers by allowing customers to use the modules they need, when they need them, per the release. They can also use the financing in standard licensing models.
\n\u201cThe Falcon Platform consolidates disjointed point products, Falcon Flex provides customers flexibility to deploy what they need, when they need it, and now CrowdStrike Financial Services transforms the financing experience by offering seamless and flexible options for adopting the Falcon platform,\u201d Kurtz said in the release.
\nEmbedded finance is increasingly being adopted in the business-to-business (B2B) landscape, PYMNTS reported in July. For example, nearly 83% of small and mid-sized businesses (SMBs) have said they wanted embedded financial services tied to the platforms they use, according to the PYMNTS Intelligence and American Express collaboration, \u201cEnd the Wait: SMBs and the Protracted Challenge of Delayed Payments.\u201d
\nWhen Qonto added its first in-house financing offer, \u201cPay later,\u201d to the business finance solutions it offers SMBs and freelancers in March, the company\u2019s CEO and co-founder, Alexandre Prot, said in a press release: \u201cThe launch of Pay later brings us one significant step closer to our goal of becoming the business finance solution of choice for 1 million European [SMBs] and freelancers by the end of 2025.\u201d
\nQonto was founded in 2016 to facilitate business banking for entrepreneurs and solopreneurs.
\nThe post CrowdStrike Subsidiary to Finance Cybersecurity Platform Solutions appeared first on PYMNTS.com.
\n", "content_text": "CrowdStrike has launched a wholly owned subsidiary that will provide tailored financing solutions for its CrowdStrike Falcon cybersecurity platform.\nThe new CrowdStrike Financial Services aims to facilitate customers\u2019 access to the cybersecurity solution, the company said in a Tuesday (Sept. 17) press release.\n\u201cOn our mission to stop breaches, we are committed to making every point in the security process frictionless for our customers and partners,\u201d George Kurtz, CEO and founder of CrowdStrike, said in the release.\nCrowdStrike Financial Services offers in-house financing with easy-to-understand terms; flexible payments in the form of monthly, quarterly, annual, skip, step and customizable payment structures; and hands-on customer service from financial professionals during the product acquisition and throughout the financial agreement, according to the release.\nCustomers can use this financing in combination with CrowdStrike\u2019s Falcon Flex, an adaptable licensing model that makes the Falcon platform\u2019s portfolio of modules more accessible to customers by allowing customers to use the modules they need, when they need them, per the release. They can also use the financing in standard licensing models.\n\u201cThe Falcon Platform consolidates disjointed point products, Falcon Flex provides customers flexibility to deploy what they need, when they need it, and now CrowdStrike Financial Services transforms the financing experience by offering seamless and flexible options for adopting the Falcon platform,\u201d Kurtz said in the release.\nEmbedded finance is increasingly being adopted in the business-to-business (B2B) landscape, PYMNTS reported in July. For example, nearly 83% of small and mid-sized businesses (SMBs) have said they wanted embedded financial services tied to the platforms they use, according to the PYMNTS Intelligence and American Express collaboration, \u201cEnd the Wait: SMBs and the Protracted Challenge of Delayed Payments.\u201d\nWhen Qonto added its first in-house financing offer, \u201cPay later,\u201d to the business finance solutions it offers SMBs and freelancers in March, the company\u2019s CEO and co-founder, Alexandre Prot, said in a press release: \u201cThe launch of Pay later brings us one significant step closer to our goal of becoming the business finance solution of choice for 1 million European [SMBs] and freelancers by the end of 2025.\u201d\nQonto was founded in 2016 to facilitate business banking for entrepreneurs and solopreneurs.\nThe post CrowdStrike Subsidiary to Finance Cybersecurity Platform Solutions appeared first on PYMNTS.com.", "date_published": "2024-09-17T18:08:46-04:00", "date_modified": "2024-09-17T23:22:07-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/CrowdStrike-financing.jpg", "tags": [ "CrowdStrike", "CrowdStrike Falcon", "CrowdStrike Financial Services", "Cybersecurity", "embedded finance", "Falcon Flex", "in-house financing", "News", "PYMNTS News", "What's Hot" ] }, { "id": "https://www.pymnts.com/?p=2099547", "url": "https://www.pymnts.com/cybersecurity/2024/seattle-port-still-on-high-alert-following-fast-moving-cyberattack/", "title": "Seattle Port Still on \u2018High Alert\u2019 Following \u2018Fast-Moving\u2019 Cyberattack\u00a0", "content_html": "The Port of Seattle has provided new details about a ransomware cyberattack last month.\u00a0
\nThe \u201cfast-moving\u201d incident on August 24 was carried out by a criminal organization known as Rhysida, the port, which also operates Seattle-Tacoma Airport, said in a news release Friday (Sept. 13).
\n\u201cOur investigation has determined that the unauthorized actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data,\u201d the release said.
\n\u201cWe took steps to block further activities including disconnecting our systems from the internet, but unfortunately, the encryption and our response actions hindered some port services including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app, and reserved parking.\u201d
\nThe port was able to restore most of those systems within a week, though some work is ongoing. The Port of Seattle also refused to pay the cyberattack ransom, which means the hackers could respond by posting stolen data on the darkweb.
\n\u201cAssessment of the data taken is complex and takes time, but we are committed to these efforts and notifying potentially impacted stakeholders as appropriate,\u201d the release said. \u201cIn particular, if we identify that the actor obtained employee or passenger personal information, we will carry out our responsibilities to inform them.\u201d
\nThe organization says it has been boosting security through measures like strengthening its identity management and authentication protocols and enhancing its monitoring. The port says it is still on \u201cheightened alert\u201d but adds that it is safe to travel from the airport and use the city’s maritime facilities.
\nIncidents such as these underscore the fact that traditional cybersecurity solutions, while still critical, \u201care no longer sufficient to safeguard against sophisticated attacks,\u201d PYMNTS wrote last month when news of the port attack first emerged.
\nTo safeguard critical assets and uphold operational integrity, organizations must combine established best practices with innovative, emerging security measures.
\nIn interviews for PYMNTS’ \u201cWhat\u2019s Next in Payments\u201d series, executives hammered home the same point: General best practices should be mixed with emerging security solutions, and that being proactive is the first step in protecting the perimeter.
\n\u201cA multilayered security strategy, also known as defense in depth, is essential for mitigating risks at various levels,\u201d PYMNTS wrote.\u00a0
\n\u201cThis approach involves implementing multiple defensive measures across the enterprise network, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and network segmentation. By creating multiple barriers, organizations can prevent or contain breaches before they cause significant damage.\u201d
\n\u00a0
\nThe post Seattle Port Still on ‘High Alert’ Following ‘Fast-Moving’ Cyberattack\u00a0 appeared first on PYMNTS.com.
\n", "content_text": "The Port of Seattle has provided new details about a ransomware cyberattack last month.\u00a0\nThe \u201cfast-moving\u201d incident on August 24 was carried out by a criminal organization known as Rhysida, the port, which also operates Seattle-Tacoma Airport, said in a news release Friday (Sept. 13).\n\u201cOur investigation has determined that the unauthorized actor was able to gain access to certain parts of our computer systems and was able to encrypt access to some data,\u201d the release said.\n\u201cWe took steps to block further activities including disconnecting our systems from the internet, but unfortunately, the encryption and our response actions hindered some port services including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app, and reserved parking.\u201d \nThe port was able to restore most of those systems within a week, though some work is ongoing. The Port of Seattle also refused to pay the cyberattack ransom, which means the hackers could respond by posting stolen data on the darkweb.\n\u201cAssessment of the data taken is complex and takes time, but we are committed to these efforts and notifying potentially impacted stakeholders as appropriate,\u201d the release said. \u201cIn particular, if we identify that the actor obtained employee or passenger personal information, we will carry out our responsibilities to inform them.\u201d\nThe organization says it has been boosting security through measures like strengthening its identity management and authentication protocols and enhancing its monitoring. The port says it is still on \u201cheightened alert\u201d but adds that it is safe to travel from the airport and use the city’s maritime facilities.\nIncidents such as these underscore the fact that traditional cybersecurity solutions, while still critical, \u201care no longer sufficient to safeguard against sophisticated attacks,\u201d PYMNTS wrote last month when news of the port attack first emerged.\nTo safeguard critical assets and uphold operational integrity, organizations must combine established best practices with innovative, emerging security measures.\nIn interviews for PYMNTS’ \u201cWhat\u2019s Next in Payments\u201d series, executives hammered home the same point: General best practices should be mixed with emerging security solutions, and that being proactive is the first step in protecting the perimeter.\n\u201cA multilayered security strategy, also known as defense in depth, is essential for mitigating risks at various levels,\u201d PYMNTS wrote.\u00a0\n\u201cThis approach involves implementing multiple defensive measures across the enterprise network, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and network segmentation. By creating multiple barriers, organizations can prevent or contain breaches before they cause significant damage.\u201d\n\u00a0\nThe post Seattle Port Still on ‘High Alert’ Following ‘Fast-Moving’ Cyberattack\u00a0 appeared first on PYMNTS.com.", "date_published": "2024-09-15T22:21:20-04:00", "date_modified": "2024-09-15T22:21:20-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/08/port-of-seattle-cybersecurity.jpg", "tags": [ "Cyberattack", "Cybersecurity", "Data Breach", "Hackers", "News", "Port of Seattle", "PYMNTS News", "ransomware", "ransomware attack", "What's Hot" ] }, { "id": "https://www.pymnts.com/?p=2099479", "url": "https://www.pymnts.com/cybersecurity/2024/23andme-reportedly-paying-30-million-to-settle-data-breach-suit/", "title": "23andMe Paying $30 Million to Settle Data Breach Suit", "content_html": "23andMe will pay $30 million to settle a lawsuit tied to a data breach.
\n“We have executed a settlement agreement for an aggregate cash payment of $30 million to settle all U.S. claims regarding the 2023 credential stuffing security incident,” the genetics testing company told PYMNTS Sunday (Sept. 15).
\n“Counsel for the plaintiffs have filed a motion for preliminary approval of this settlement agreement with the court. Roughly $25 million of the settlement and related legal expenses are expected to be covered by cyber insurance coverage. We continue to believe this settlement is in the best interest of 23andMe customers, and we look forward to finalizing the agreement.”
\nA Reuters report on the settlement notes that the company has agreed to provide three years of security monitoring as a result of the class-action litigation, which accused 23andMe of failing to protect the private information of almost 7 million customers exposed in the breach last year.
\nThe settlement also resolves allegations that 23andMe did not tell customers with Chinese and Ashkenazi Jewish ancestry that a hacker had apparently targeted them specifically, selling them on the dark web, Reuters added.
\nAccording to the report, 23andMe called the settlement fair and reasonable in its own court filing, but also cited its \u201cextremely uncertain financial condition,\u201d in asking the judge to pause arbitrations by tens of thousands of class members, until the settlement is approved or they decide not to participate.
\nThe company revealed the breach in October of last year, about six months after it began. The incident affected almost half of the 14.1 million customers in 23andMe\u2019s database at the time, Reuters said. A hacker accessed 5.5 million DNA Relatives profiles, which allow customers to share information with each other, along with information for another 1.4 million users of a feature called Family Tree.
\nAs PYMNTS wrote last month, large businesses such as 23andMe \u201cwill continue to be attractive targets for cybercriminals,\u201d as the \u201ccombination of valuable data, complex systems and the potential for significant ransom payments makes them particularly vulnerable.\u201d
\nSpeaking to PYMNTS for interviews for the \u201cWhat\u2019s Next in Payments\u201d series, executives stressed the need for the multilayered security strategy known as defense in depth to reduce risks at various levels.\u00a0
\nThat\u2019s because when an attacker gets access via stolen credentials, the potential for escalation is substantial, with minor disruption quickly spiraling into a full-scale disaster.
\n\u201cYou may not have realized it yet, but they\u2019re going to hit you,\u201d Amount Director of Product Management Garrett Laird told PYMNTS. \u201cThe fraudsters are jerks \u2014 and they like to hit you on holidays and on weekends, at 2 in the morning.\u201d
\nThe post 23andMe Paying $30 Million to Settle Data Breach Suit appeared first on PYMNTS.com.
\n", "content_text": "23andMe will pay $30 million to settle a lawsuit tied to a data breach.\n“We have executed a settlement agreement for an aggregate cash payment of $30 million to settle all U.S. claims regarding the 2023 credential stuffing security incident,” the genetics testing company told PYMNTS Sunday (Sept. 15).\n“Counsel for the plaintiffs have filed a motion for preliminary approval of this settlement agreement with the court. Roughly $25 million of the settlement and related legal expenses are expected to be covered by cyber insurance coverage. We continue to believe this settlement is in the best interest of 23andMe customers, and we look forward to finalizing the agreement.”\nA Reuters report on the settlement notes that the company has agreed to provide three years of security monitoring as a result of the class-action litigation, which accused 23andMe of failing to protect the private information of almost 7 million customers exposed in the breach last year.\nThe settlement also resolves allegations that 23andMe did not tell customers with Chinese and Ashkenazi Jewish ancestry that a hacker had apparently targeted them specifically, selling them on the dark web, Reuters added.\nAccording to the report, 23andMe called the settlement fair and reasonable in its own court filing, but also cited its \u201cextremely uncertain financial condition,\u201d in asking the judge to pause arbitrations by tens of thousands of class members, until the settlement is approved or they decide not to participate.\nThe company revealed the breach in October of last year, about six months after it began. The incident affected almost half of the 14.1 million customers in 23andMe\u2019s database at the time, Reuters said. A hacker accessed 5.5 million DNA Relatives profiles, which allow customers to share information with each other, along with information for another 1.4 million users of a feature called Family Tree.\nAs PYMNTS wrote last month, large businesses such as 23andMe \u201cwill continue to be attractive targets for cybercriminals,\u201d as the \u201ccombination of valuable data, complex systems and the potential for significant ransom payments makes them particularly vulnerable.\u201d\nSpeaking to PYMNTS for interviews for the \u201cWhat\u2019s Next in Payments\u201d series, executives stressed the need for the multilayered security strategy known as defense in depth to reduce risks at various levels.\u00a0\nThat\u2019s because when an attacker gets access via stolen credentials, the potential for escalation is substantial, with minor disruption quickly spiraling into a full-scale disaster.\n\u201cYou may not have realized it yet, but they\u2019re going to hit you,\u201d Amount Director of Product Management Garrett Laird told PYMNTS. \u201cThe fraudsters are jerks \u2014 and they like to hit you on holidays and on weekends, at 2 in the morning.\u201d\nThe post 23andMe Paying $30 Million to Settle Data Breach Suit appeared first on PYMNTS.com.", "date_published": "2024-09-15T16:25:00-04:00", "date_modified": "2024-09-15T18:25:23-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/23andMe.jpg", "tags": [ "23andMe", "cyberattacks", "Cybersecurity", "Data Breaches", "data security", "DNA Relatives", "Family Tree", "News", "PYMNTS News", "What's Hot" ] }, { "id": "https://www.pymnts.com/?p=2099098", "url": "https://www.pymnts.com/cybersecurity/2024/behind-the-screens-how-threat-intelligence-keeps-digital-payments-secure/", "title": "Behind the Screens: How Threat Intelligence Keeps Digital Payments Secure", "content_html": "It is, by this point in human history, an undoubtedly digital world.
\nAnd in the contemporary age, where commerce increasingly happens online and payment systems have become more intertwined with complex technologies, the importance of cybersecurity \u2014 and beyond just that, widening the aperture on threat intelligence \u2014 has never been more critical.
\nThe news Thursday (Sept. 12) that Mastercard has made a $2.65 billion bet on cybersecurity by acquiring threat intelligence company\u00a0Recorded Future only serves to put an exclamation point on this emerging fact.
\nAfter all, digital payments, ranging from traditional card transactions to emerging instant payment mechanisms, are a vital component of modern economies. However, as the volume of these payments increases, so does the sophistication and frequency of cyber threats targeting this ecosystem.
\n\u201cIf you think about our hyperconnected and interdependent digital world \u2026 almost every day that goes by sees the expansion of the digital footprint,\u201d Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS\u00a0in an exclusive interview about the acquisition, which is expected to be finalized by the first quarter of 2025.
\nAlong the way, Gerber added, the lines between cybercrime and fraud are collapsing, as stolen credentials are harvested when a website is breached. The stolen credentials are used for scams and social engineering, and card and other types of fraud are rampant.
\nAgainst this backdrop, understanding the risks and developing robust strategies to protect digital payment systems is paramount for businesses, financial institutions, and consumers alike.
\nRead more: Aligning Payments and Data Operations With Compliance and Cyber Risks\u00a0
\nThe digital payments landscape has evolved rapidly over the past decade. FinTech innovations, mobile payment apps, contactless technologies and more have transformed the way consumers and businesses transact.
\nWith 85% of\u00a0Generation Z\u00a0and 82% of\u00a0millennials\u00a0preferring\u00a0contactless digital payments, the demand for these technologies is reshaping the\u00a0payments\u00a0industry.\u00a0According to the PYMNTS Intelligence\u00a0report, \u201cTapping Into the Future of Payments,\u201d 91% of Gen Z consumers are adopting digital-first payments, outpacing other age groups.
\nThe benefits of this evolution are clear \u2014 convenience, speed and cost-effectiveness. However, as payment methods diversify, they introduce new vulnerabilities. Unlike traditional payment systems that operate within well-defined regulatory and security frameworks, emerging technologies like, real-time payments, embedded finance solutions and more often lack the same maturity in terms of security infrastructure. This creates a fertile environment for cybercriminals, who continuously adapt to exploit these emerging weaknesses.
\nBut while the threat landscape is evolving, so too are the tools and strategies designed to combat cyber risks. Threat intelligence, which involves collecting and analyzing data about potential cyber threats, plays a crucial role in preventing, identifying and mitigating attacks. By leveraging threat intelligence, businesses and financial institutions can stay ahead of cybercriminals by anticipating their tactics, techniques and procedures (TTPs).
\nFor example, threat intelligence\u2019s ability to provide real-time insights into emerging threats can identify vulnerabilities like new phishing campaigns targeting payment providers, or detect unusual patterns in transaction data that may indicate fraud. These insights can then be used to update security protocols, strengthen authentication measures or block suspicious activity before it results in significant financial loss.
\nSee also:\u00a0Guarding the Gate: Cyberattacks Won\u2019t Stop, but Their Fallout Can Be Prevented
\nPer Recorded Future\u2019s site, threat intelligence can be broadly categorized into four main types: tactical threat intelligence, operational threat Intelligence, strategic threat Intelligence and technical threat Intelligence.
\nTactical threat Intelligence focuses on the immediate TTPs used by cybercriminals in attacks. It includes details such as malware signatures, phishing methods or known vulnerabilities. This type of intelligence is short-term and helps cybersecurity teams quickly detect and respond to threats.
\nOperational threat Intelligence provides insights into specific cyberattacks, including details on the nature, timing and motivation behind the threats. This intelligence is often gathered from past incidents and helps organizations understand the context and potential impact of current or future attacks, enabling better incident response planning.
\nStrategic threat Intelligence offers a broader, long-term view of the threat landscape, focusing on trends, emerging risks and geopolitical or market factors that could influence cyber threats. This type of intelligence is used by high-level decision-makers to inform security strategy, policy and resource allocation.
\nAnd finally, technical threat intelligence involves the collection of technical indicators of compromise (IoCs), such as IP addresses, domains, and file hashes associated with malicious activity. This intelligence is highly technical and used by security professionals to configure defense systems, block malicious traffic or prevent specific attacks.
\nThe post Behind the Screens: How Threat Intelligence Keeps Digital Payments Secure appeared first on PYMNTS.com.
\n", "content_text": "It is, by this point in human history, an undoubtedly digital world.\nAnd in the contemporary age, where commerce increasingly happens online and payment systems have become more intertwined with complex technologies, the importance of cybersecurity \u2014 and beyond just that, widening the aperture on threat intelligence \u2014 has never been more critical.\nThe news Thursday (Sept. 12) that Mastercard has made a $2.65 billion bet on cybersecurity by acquiring threat intelligence company\u00a0Recorded Future only serves to put an exclamation point on this emerging fact.\nAfter all, digital payments, ranging from traditional card transactions to emerging instant payment mechanisms, are a vital component of modern economies. However, as the volume of these payments increases, so does the sophistication and frequency of cyber threats targeting this ecosystem.\n\u201cIf you think about our hyperconnected and interdependent digital world \u2026 almost every day that goes by sees the expansion of the digital footprint,\u201d Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS\u00a0in an exclusive interview about the acquisition, which is expected to be finalized by the first quarter of 2025.\nAlong the way, Gerber added, the lines between cybercrime and fraud are collapsing, as stolen credentials are harvested when a website is breached. The stolen credentials are used for scams and social engineering, and card and other types of fraud are rampant.\nAgainst this backdrop, understanding the risks and developing robust strategies to protect digital payment systems is paramount for businesses, financial institutions, and consumers alike.\nRead more: Aligning Payments and Data Operations With Compliance and Cyber Risks\u00a0\nThreat Intelligence as a Guardrail for Digital Payment Systems\nThe digital payments landscape has evolved rapidly over the past decade. FinTech innovations, mobile payment apps, contactless technologies and more have transformed the way consumers and businesses transact.\nWith 85% of\u00a0Generation Z\u00a0and 82% of\u00a0millennials\u00a0preferring\u00a0contactless digital payments, the demand for these technologies is reshaping the\u00a0payments\u00a0industry.\u00a0According to the PYMNTS Intelligence\u00a0report, \u201cTapping Into the Future of Payments,\u201d 91% of Gen Z consumers are adopting digital-first payments, outpacing other age groups.\nThe benefits of this evolution are clear \u2014 convenience, speed and cost-effectiveness. However, as payment methods diversify, they introduce new vulnerabilities. Unlike traditional payment systems that operate within well-defined regulatory and security frameworks, emerging technologies like, real-time payments, embedded finance solutions and more often lack the same maturity in terms of security infrastructure. This creates a fertile environment for cybercriminals, who continuously adapt to exploit these emerging weaknesses.\nBut while the threat landscape is evolving, so too are the tools and strategies designed to combat cyber risks. Threat intelligence, which involves collecting and analyzing data about potential cyber threats, plays a crucial role in preventing, identifying and mitigating attacks. By leveraging threat intelligence, businesses and financial institutions can stay ahead of cybercriminals by anticipating their tactics, techniques and procedures (TTPs).\nFor example, threat intelligence\u2019s ability to provide real-time insights into emerging threats can identify vulnerabilities like new phishing campaigns targeting payment providers, or detect unusual patterns in transaction data that may indicate fraud. These insights can then be used to update security protocols, strengthen authentication measures or block suspicious activity before it results in significant financial loss.\nSee also:\u00a0Guarding the Gate: Cyberattacks Won\u2019t Stop, but Their Fallout Can Be Prevented\nEnterprise Cybersecurity: Embracing a Dynamic Approach\nPer Recorded Future\u2019s site, threat intelligence can be broadly categorized into four main types: tactical threat intelligence, operational threat Intelligence, strategic threat Intelligence and technical threat Intelligence.\nTactical threat Intelligence focuses on the immediate TTPs used by cybercriminals in attacks. It includes details such as malware signatures, phishing methods or known vulnerabilities. This type of intelligence is short-term and helps cybersecurity teams quickly detect and respond to threats.\nOperational threat Intelligence provides insights into specific cyberattacks, including details on the nature, timing and motivation behind the threats. This intelligence is often gathered from past incidents and helps organizations understand the context and potential impact of current or future attacks, enabling better incident response planning.\nStrategic threat Intelligence offers a broader, long-term view of the threat landscape, focusing on trends, emerging risks and geopolitical or market factors that could influence cyber threats. This type of intelligence is used by high-level decision-makers to inform security strategy, policy and resource allocation.\nAnd finally, technical threat intelligence involves the collection of technical indicators of compromise (IoCs), such as IP addresses, domains, and file hashes associated with malicious activity. This intelligence is highly technical and used by security professionals to configure defense systems, block malicious traffic or prevent specific attacks.\nThe post Behind the Screens: How Threat Intelligence Keeps Digital Payments Secure appeared first on PYMNTS.com.", "date_published": "2024-09-13T16:44:45-04:00", "date_modified": "2024-09-15T22:16:58-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/threat-intelligence-digital-payments.png", "tags": [ "acquisitions", "B2B", "B2B Payments", "commercial payments", "cyberattacks", "Cybercrime", "Cybersecurity", "Data Breaches", "Digital Payments", "fraud", "MasterCard", "News", "payments", "PYMNTS News", "Recorded Future", "Security", "Technology", "threat intelligence" ] }, { "id": "https://www.pymnts.com/?p=2098066", "url": "https://www.pymnts.com/cybersecurity/2024/aligning-payments-and-data-operations-with-compliance-and-cyber-risks/", "title": "Aligning Payments and Data Operations With Compliance and Cyber Risks", "content_html": "As businesses move online and data becomes a critical asset, organizations must navigate a minefield of potential threats.
\nAnd with the news Thursday (Sept. 12) that Lehigh Valley Health Network (LVHN), one of the largest primary care groups in Pennsylvania, has paid a $65 million settlement to patients impacted by a breach that saw their sensitive personal information stolen by a criminal ransomware gang, socializing best practices across the entire organization and fostering a culture of security is top of mind for firms across sectors \u2014 particularly for leaders like chief information security officers (CISOs).
\nAfter all, as cyber events become not just a bug but a feature of business operations, the need for effectively communicating cyber-risk to internal leadership teams and C-suite colleagues has never been more pressing.
\nParticularly as businesses in critical sectors like financial services move to adopt innovations like real-time payments, mobile wallets and other advances, the potential points of vulnerability multiply. Cybercriminals are no longer just focused on hacking networks; they are targeting payment ecosystems that contain sensitive data, including customer payment credentials, transaction histories, and personally identifiable information (PII).
\nPYMNTS Intelligence finds that just 57% of Americans trust financial institutions (FIs) to protect their data.
\nTo manage today\u2019s risks, as well as protect against tomorrow\u2019s, organizations need a holistic approach to payments and data security that integrates compliance into everyday operations.
\nRead more: Decoding Cybersecurity: Understanding FedRAMP and ISO 27001 Standards
\nAligning payments and data operations with cybersecurity efforts is an intricate process, largely because these functions traditionally existed and operated in silos. Payment teams often focus on transaction speed, efficiency and customer experience, while cybersecurity teams concentrate on risk mitigation and data protection. But this fragmented approach weakens the company\u2019s defense mechanisms and failing to integrate these priorities can lead to vulnerabilities that cybercriminals exploit.
\nModern consumers and businesses expect payments to be instantaneous, but real-time payment systems come with real-time cyber risks. Striking a balance between the need for speed and stringent security measures is crucial. CISOs must work closely with payment teams to ensure that cybersecurity protocols do not hamper operational efficiency while maintaining robust security standards.
\nThe cyber threat landscape is in constant flux, with ransomware attacks, phishing schemes and fraud evolving rapidly. Payment systems are particularly attractive to cybercriminals because they are gateways to financial gain. Payment fraud, business email compromise (BEC) and identity theft are becoming increasingly sophisticated, forcing CISOs to be agile and proactive in their approach.
\n\u201cSecurity events and security alerts are something we deal with every single minute of every day,\u201d\u00a0David Drossman, chief information security officer at\u00a0The Clearing House\u00a0(TCH), told PYMNTS for the series, \u201cWhat\u2019s Next in Payments: Protecting the Perimeter.\u201d
\n\u201cThe key for us is to make sure that none of those events or alerts become incidents or major crises,\u201d Drossman said.
\nResearch from PYMNTS Intelligence has shown that\u00a0virtual cards and digital spend\u00a0management solutions can help finance departments close the books faster while guarding against fraud.
\nSee also:\u00a0Guarding the Gate: Cyberattacks Won\u2019t Stop, but Their Fallout Can Be Prevented
\nIn\u00a0separate interviews\u00a0for the \u201cWhat\u2019s Next in Payments\u201d series, executives also stressed\u00a0to PYMNTS\u00a0that a multilayered security strategy, also known as\u00a0defense in depth, is crucial for reducing risks at various levels. This approach means implementing multiple defensive measures across the enterprise network.
\nOne of those key\u00a0defensive layers\u00a0is increasingly the digitizing of\u00a0legacy and paper-based\u00a0payment workflows. With workflows digitized, businesses are able to turn to artificial intelligence (AI) and machine learning (ML) technologies to detect anomalies in payment transactions in real time. These systems can analyze vast amounts of data to identify unusual patterns that may indicate fraud or cyberattacks.
\nFor instance, AI can monitor payment systems for irregularities, such as unauthorized access attempts or unusual transaction patterns, and automatically flag them for further investigation. This proactive approach strengthens the organization\u2019s ability to defend against emerging threats.
\nAt the same time, CISOs need the backing of the C-suite to drive a company-wide focus on cybersecurity and compliance. Engaging leadership through regular reporting on security metrics, potential risks, and the financial implications of non-compliance can help secure the necessary resources and buy-in from decision-makers.
\nThe post Aligning Payments and Data Operations With Compliance and Cyber Risks appeared first on PYMNTS.com.
\n", "content_text": "As businesses move online and data becomes a critical asset, organizations must navigate a minefield of potential threats.\nAnd with the news Thursday (Sept. 12) that Lehigh Valley Health Network (LVHN), one of the largest primary care groups in Pennsylvania, has paid a $65 million settlement to patients impacted by a breach that saw their sensitive personal information stolen by a criminal ransomware gang, socializing best practices across the entire organization and fostering a culture of security is top of mind for firms across sectors \u2014 particularly for leaders like chief information security officers (CISOs).\nAfter all, as cyber events become not just a bug but a feature of business operations, the need for effectively communicating cyber-risk to internal leadership teams and C-suite colleagues has never been more pressing.\nParticularly as businesses in critical sectors like financial services move to adopt innovations like real-time payments, mobile wallets and other advances, the potential points of vulnerability multiply. Cybercriminals are no longer just focused on hacking networks; they are targeting payment ecosystems that contain sensitive data, including customer payment credentials, transaction histories, and personally identifiable information (PII).\nPYMNTS Intelligence finds that just 57% of Americans trust financial institutions (FIs) to protect their data.\nTo manage today\u2019s risks, as well as protect against tomorrow\u2019s, organizations need a holistic approach to payments and data security that integrates compliance into everyday operations.\nRead more: Decoding Cybersecurity: Understanding FedRAMP and ISO 27001 Standards\nThe Evolving Landscape of Payments and Cybersecurity\nAligning payments and data operations with cybersecurity efforts is an intricate process, largely because these functions traditionally existed and operated in silos. Payment teams often focus on transaction speed, efficiency and customer experience, while cybersecurity teams concentrate on risk mitigation and data protection. But this fragmented approach weakens the company\u2019s defense mechanisms and failing to integrate these priorities can lead to vulnerabilities that cybercriminals exploit.\nModern consumers and businesses expect payments to be instantaneous, but real-time payment systems come with real-time cyber risks. Striking a balance between the need for speed and stringent security measures is crucial. CISOs must work closely with payment teams to ensure that cybersecurity protocols do not hamper operational efficiency while maintaining robust security standards.\nThe cyber threat landscape is in constant flux, with ransomware attacks, phishing schemes and fraud evolving rapidly. Payment systems are particularly attractive to cybercriminals because they are gateways to financial gain. Payment fraud, business email compromise (BEC) and identity theft are becoming increasingly sophisticated, forcing CISOs to be agile and proactive in their approach.\n\u201cSecurity events and security alerts are something we deal with every single minute of every day,\u201d\u00a0David Drossman, chief information security officer at\u00a0The Clearing House\u00a0(TCH), told PYMNTS for the series, \u201cWhat\u2019s Next in Payments: Protecting the Perimeter.\u201d\n\u201cThe key for us is to make sure that none of those events or alerts become incidents or major crises,\u201d Drossman said.\nResearch from PYMNTS Intelligence has shown that\u00a0virtual cards and digital spend\u00a0management solutions can help finance departments close the books faster while guarding against fraud.\nSee also:\u00a0Guarding the Gate: Cyberattacks Won\u2019t Stop, but Their Fallout Can Be Prevented\nSocializing Best Practices Across the Organization\nIn\u00a0separate interviews\u00a0for the \u201cWhat\u2019s Next in Payments\u201d series, executives also stressed\u00a0to PYMNTS\u00a0that a multilayered security strategy, also known as\u00a0defense in depth, is crucial for reducing risks at various levels. This approach means implementing multiple defensive measures across the enterprise network.\nOne of those key\u00a0defensive layers\u00a0is increasingly the digitizing of\u00a0legacy and paper-based\u00a0payment workflows. With workflows digitized, businesses are able to turn to artificial intelligence (AI) and machine learning (ML) technologies to detect anomalies in payment transactions in real time. These systems can analyze vast amounts of data to identify unusual patterns that may indicate fraud or cyberattacks.\nFor instance, AI can monitor payment systems for irregularities, such as unauthorized access attempts or unusual transaction patterns, and automatically flag them for further investigation. This proactive approach strengthens the organization\u2019s ability to defend against emerging threats.\nAt the same time, CISOs need the backing of the C-suite to drive a company-wide focus on cybersecurity and compliance. Engaging leadership through regular reporting on security metrics, potential risks, and the financial implications of non-compliance can help secure the necessary resources and buy-in from decision-makers.\nThe post Aligning Payments and Data Operations With Compliance and Cyber Risks appeared first on PYMNTS.com.", "date_published": "2024-09-12T10:56:57-04:00", "date_modified": "2024-09-12T10:56:57-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/07/cybersecurity-data-breaches.jpg", "tags": [ "chief information security officers", "CISOs", "Cyber Risk", "Cybersecurity", "data", "Data Breaches", "fraud", "Lehigh Valley Health Network", "News", "payments", "PYMNTS News", "Security", "Technology" ] }, { "id": "https://www.pymnts.com/?p=2095733", "url": "https://www.pymnts.com/cybersecurity/2024/telegrams-criminal-use-spotlighted-after-ceos-arrest/", "title": "Telegram\u2019s Criminal Use Spotlighted After CEO\u2019s Arrest", "content_html": "The recent arrest of Telegram\u2019s CEO has put the platform\u2019s criminal connections in the spotlight.
\nThe messaging app has become the \u201cpremiere\u201d platform for people seeking weapons, stolen data, illegal drugs and child sexual abuse material, the Wall Street Journal reported Sunday (Sept. 8), citing interviews with law-enforcement officials and cybercrime researchers.
\nThe report notes that the platform \u2014 which combines messaging and social networking \u2014 is easy to use, claims it has never revealed user data to any third party, and has a \u201claissez-faire approach\u201d to content moderation.
\nLast month, authorities in France arrested Pavel Durov, the Russian-born billionaire who founded Telegram, charging him with complicity in distributing child pornography, illegal drugs and hacking software on the app, as well as with refusing to cooperate with investigations into illegal activity on the platform.
\nThe company issued a statement saying it abides by European laws, including the Digital Services Act, and that its moderation is in keeping with industry standards.
\n\u201cIt is absurd to claim that a platform or its owner are responsible for abuse of that platform,\u201d the company wrote on X. \u201cAlmost a billion users globally use Telegram as means of communication and as a source of vital information. We\u2019re awaiting a prompt resolution of this situation. Telegram is with you all.\u201d
\nDurov told the WSJ that while Telegram wasn\u2019t perfect it was not a \u201csort of anarchic paradise,” adding that the company was willing to hold dialogue with regulators.
\nThe report \u2014 citing chat records and researchers \u2014 says that drug traffickers, pedophile rings and identity thieves use Telegram as a \u201cshop window\u201d to sell their wares, with one channel advertising a stream of passports, ID cards and selfies that fraudsters could use to open bogus bank accounts. This channel was removed when the WSJ questioned Telegram for the article.
\nPYMNTS examined the ease with which criminals can steal a person\u2019s identity earlier this year in a conversation with Bryan Lewis, CEO of Intellicheck. The raw materials are surprisingly cheap. Criminals and crime rings can purchase names, addresses, Social Security numbers and emails for $30 to $40.
\nAt the same time, Lewis noted, treating everyone like a criminal is bad for business. The key, he added, is to let people prove their identities in the simplest way.
\n\u201cIf you can tell that a government-issued ID is real, that\u2019s the most important step,\u201d Lewis said. \u201cAfter that, you can use the face or something else, because now we\u2019ve tied a face or voice to an identity \u2014 and you can create an immutable token.\u201d
\nThe post Telegram’s Criminal Use Spotlighted After CEO’s Arrest appeared first on PYMNTS.com.
\n", "content_text": "The recent arrest of Telegram\u2019s CEO has put the platform\u2019s criminal connections in the spotlight.\nThe messaging app has become the \u201cpremiere\u201d platform for people seeking weapons, stolen data, illegal drugs and child sexual abuse material, the Wall Street Journal reported Sunday (Sept. 8), citing interviews with law-enforcement officials and cybercrime researchers.\nThe report notes that the platform \u2014 which combines messaging and social networking \u2014 is easy to use, claims it has never revealed user data to any third party, and has a \u201claissez-faire approach\u201d to content moderation.\nLast month, authorities in France arrested Pavel Durov, the Russian-born billionaire who founded Telegram, charging him with complicity in distributing child pornography, illegal drugs and hacking software on the app, as well as with refusing to cooperate with investigations into illegal activity on the platform.\nThe company issued a statement saying it abides by European laws, including the Digital Services Act, and that its moderation is in keeping with industry standards.\n\u201cIt is absurd to claim that a platform or its owner are responsible for abuse of that platform,\u201d the company wrote on X. \u201cAlmost a billion users globally use Telegram as means of communication and as a source of vital information. We\u2019re awaiting a prompt resolution of this situation. Telegram is with you all.\u201d\nDurov told the WSJ that while Telegram wasn\u2019t perfect it was not a \u201csort of anarchic paradise,” adding that the company was willing to hold dialogue with regulators.\nThe report \u2014 citing chat records and researchers \u2014 says that drug traffickers, pedophile rings and identity thieves use Telegram as a \u201cshop window\u201d to sell their wares, with one channel advertising a stream of passports, ID cards and selfies that fraudsters could use to open bogus bank accounts. This channel was removed when the WSJ questioned Telegram for the article.\nPYMNTS examined the ease with which criminals can steal a person\u2019s identity earlier this year in a conversation with Bryan Lewis, CEO of Intellicheck. The raw materials are surprisingly cheap. Criminals and crime rings can purchase names, addresses, Social Security numbers and emails for $30 to $40.\nAt the same time, Lewis noted, treating everyone like a criminal is bad for business. The key, he added, is to let people prove their identities in the simplest way.\n\u201cIf you can tell that a government-issued ID is real, that\u2019s the most important step,\u201d Lewis said. \u201cAfter that, you can use the face or something else, because now we\u2019ve tied a face or voice to an identity \u2014 and you can create an immutable token.\u201d\nThe post Telegram’s Criminal Use Spotlighted After CEO’s Arrest appeared first on PYMNTS.com.", "date_published": "2024-09-08T20:03:56-04:00", "date_modified": "2024-09-08T20:03:56-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/03/Telegram-IPO.jpg", "tags": [ "Cybercrime", "cybercriminals", "ID fraud", "ID security", "ID Theft", "News", "Pavel Durov", "PYMNTS News", "Social Media", "Telegram", "What's Hot", "Cybersecurity" ] } ] }