Latest news with #cyberthreats
Free Malaysia Today
21 hours ago
- Politics
- Free Malaysia Today
Microsoft says to step up AI-powered European cybersecurity
Microsoft has accused Russia, China, Iran and North Korea of being behind the infiltration of European computer networks for espionage. (EPA Images pic) PARIS : US tech giant Microsoft said today that it would step up its cooperation with European governments against cyber threats, including by deploying AI-powered intelligence gathering. Its new European Security Programme 'puts AI at the centre of our work as a tool to protect traditional cybersecurity needs,' Microsoft vice chairman Brad Smith wrote in a blog post. Aiming to deliver real-time intelligence about cyber threats to governments, the scheme will extend to the '27 EU member states, as well as EU accession countries, members of the European Free Trade Association (EFTA), the UK, Monaco, and the Vatican,' he added. Microsoft accused the governments of Russia, China, Iran and North Korea of being behind the infiltration of European computer networks for espionage and other purposes. Meanwhile, cybercriminals are expanding attacks using tools such as ransomware, which encrypts data on victims' computers and demands they fork over cash to unlock it again. 'We see 600 million attacks on our customers every single day,' Smith told reporters in a briefing ahead of the blog post's release, calling cyber defence a 'multi-billion-dollar expense for customers across Europe'. 'AI systems can help detect and identify new forms of attack,' Smith wrote in his blog post. However, Microsoft has seen malicious actors using the technology for everything from researching targets to writing code and 'social engineering' – or convincing human employees to facilitate access by hackers. ''Influence operations' by nation-states are increasingly using AI to mislead and deceive, including with convincing 'deepfake' images, audio and video,' Smith added. The company itself 'tracks any malicious use of new AI models we release and proactively prevents known threat actors from using them,' he wrote. Microsoft last month helped police across Europe take down large swathes of digital infrastructure supporting an 'infostealing' network, Lumma, that had been gathering sensitive information like passwords and crypto wallets from victims' devices. In future, members of the company's digital crimes unit will be embedded with Europol's cybercrime specialists in The Hague, Smith wrote, part of a broader increase in collaboration with European security forces. Microsoft's cybersecurity effort is part of a wider push to increase its operations in Europe. The drive comes as trade tensions simmer between the EU and the Trump administration in the US, with many voices questioning European firms' strategic dependence on American-made technology.
Entrepreneur
3 days ago
- Business
- Entrepreneur
Data Breaches Now Cost More Than Just Data
"The 8% drop in Victoria's Secret's stock, translating to over USD 150 million in lost market value, shows that cybersecurity breaches are now perceived as significant financial risks," says Manoj Joshi, Group CEO, SA Technologies Opinions expressed by Entrepreneur contributors are their own. You're reading Entrepreneur India, an international franchise of Entrepreneur Media. One of the primary reasons ransomware remains the favourite cyberweapon among malicious actors is its sheer profitability. In 2023 alone, ransomware gangs extorted over USD 1.1 billion in cryptocurrency payments from victims globally, according to blockchain analytics firm Chainalysis. In India, nearly one million ransomware detections were reported in the past year alone. According to Palo Alto Networks' Unit 42 Extortion and Ransomware Trends (Jan–Mar 2025), the country experiences one ransomware incident for every 595 detections and one malware incident for every 40,000 detections, underscoring the volume and scale of cyber threats. The volatile geopolitical climate makes the threat landscape even more complex. The industry is observing more trends in state-backed actors than ever before. "In a rapidly transforming country like India, organisations are navigating a complex mix of modern and legacy changes. The rapid adoption of AI has empowered organisations and threat actors alike. This highlights the urgent need for organisations to bolster their cybersecurity framework and incorporate comprehensive security measures to fortify their defences against complex ransomware campaigns," said Huzefa Motiwala, Senior Director, Technical Solutions, India and SAARC, Palo Alto Networks. Business fallout: the Victoria's Secret case The impact of ransomware isn't limited to temporary technical disruptions; it strikes at the heart of business continuity and brand trust. On 28 May 2026, lingerie retailer Victoria's Secret took its website offline following a cyberattack. Though the exact nature of the incident remains undisclosed, such outages are typically attributed to ransomware. Commenting on the outage, officials said on the website, "Valued customer, we identified and are taking steps to address a security incident. We have taken down our website and some in-store services as a precaution. Our team is working around the clock to fully restore operations… We appreciate your patience during this process. In the meantime, our Victoria's Secret and PINK stores remain open and we look forward to serving you." Following the incident, Victoria's Secret saw an 8 per cent drop in its share price. "The 8 per cent drop in Victoria's Secret's stock, translating to over USD 150 million in lost market value, shows that cybersecurity breaches are now perceived as significant financial risks," explained Manoj Joshi, Group CEO, SA Technologies. Joshi further noted that investor reactions are swift and driven by anticipated disruptions to operations, potential regulatory liabilities, and reputational damage. "With the average cost of a data breach reaching USD 4.45 million in 2023 (IBM), it's evident that robust cybersecurity isn't just an IT concern—it's fundamental to investor confidence and long-term enterprise value," he added. Long-term damage The brand reputation damage from a single cyberattack can be long-lasting, especially in trust-driven sectors like retail, healthcare, and BFSI. "Absolutely," confirms Joshi. "A single attack can have a lasting impact on brand credibility. Yahoo's data breach, for instance, slashed USD 350 million from its acquisition value during the Verizon deal," Joshi said. While citing the example from Ping Identity, Joshi emphasised, "Consumers aren't quick to forgive—81 per cent say they would stop interacting with a brand online after a data breach." Echoing the same sentiment, Amit Jaju from Ankura Consulting said, "Cyberattacks can cause irreversible harm to brand trust and consumer loyalty. In Victoria's Secret's case, the reputational hit is significant. Studies show up to a third of customers may abandon a brand following a breach. In India, where consumer trust is built gradually, brands must invest in transparency and long-term recovery strategies to avoid lasting damage." Lessons in data protection The Victoria's Secret breach is a textbook example of why organisations must go beyond perimeter security. "This breach is a wake-up call for proactive cybersecurity," says Joshi. "Businesses must invest in real-time threat detection, adopt zero-trust frameworks, and maintain clear, transparent communication when incidents occur. One often overlooked aspect is third-party risk—Verizon's 2025 DBIR shows that vendor-related breaches have doubled to 30 per cent. Strong vendor governance is essential," Joshi explained. For consumers, Joshi suggested simple but consistent practices like using strong passwords, enabling two-factor authentication, and avoiding suspicious links.
South China Morning Post
3 days ago
- Politics
- South China Morning Post
Hong Kong police received over 440,000 leads on cyberattacks against city in 2024
Hong Kong police received more than 440,000 pieces of intelligence on cyberthreats targeting the city last year, while 5 per cent of publicly accessible technology assets owned by critical infrastructure operators were vulnerable to online attacks, a first-of-its kind review has found. In a report released on Monday, police said they assessed 90,000 pieces of technology assets, including digital resources such as IP addresses and online domains, and found 4,500 tested items had system loopholes. 'If these loopholes are not discovered and fixed, when cyberattacks happen, they will definitely affect important services in Hong Kong or even affect residents' usage,' Raymond Lam Cheuk-ho, chief superintendent of the cybersecurity and technology crime bureau, warned. Hong Kong passed a law in March mandating that an undisclosed list of private operators in eight sectors deemed as critical infrastructure for the normal functioning of society must conduct regular security checks on their computer systems. The industries were the energy, information technology, banking, communications, maritime and healthcare services, and land and air transport sectors. Under the law, firms can be fined up to HK$5 million (US$637,685) for failing to keep their systems up to date. Regulated firms must also notify authorities within 12 hours of a cybersecurity breach.
The Australian
12-05-2025
- Business
- The Australian
Cyber threat trends: a CISO guide to emerging risks
Cybercriminals are leveraging large language models, and ransomware risks are on the rise, according to a new report that provides insights into evolving cyber threats. The prevalence of the ransomware-as-a-service (RaaS) model has significantly increased the frequency, destructiveness, and complexity of ransomware operations throughout 2024, according to Deloitte's Annual Threat Trends Report. The increase in use of RaaS models is enabling, for example, developers to concentrate on creating and improving ransomware and its components, initial access brokers to specialise in obtaining access to potential victims, and affiliates to focus on navigating compromised networks, payload deployment, and extortion, notes the report. Moreover, nation-state advanced persistent threats (APTs) have been increasingly deploying ransomware by collaborating with cybercriminal groups or developing their own ransomware strains for both financial gain and as a distraction to mislead incident responders while carrying out espionage-driven tactics. 'In today's rapidly evolving digital landscape, understanding cyber threat trends is crucial for safeguarding organisational assets and maintaining trust with stakeholders,' says Adnan Amjad, partner and US Cyber Offering portfolio leader at Deloitte & Touche LLP. 'Such insights can help CISOs navigate a complex threat landscape and implement effective security strategies,' adds Amjad. The Cyber Threat Trends Report emphasises the need for organisations to remain vigilant and adaptive in their cybersecurity strategies by identifying emerging threat trends in ransomware groups, AI-powered social engineering, and AI-as-a-service models, as well as evolving initial access trends. Effective cybersecurity begins with a deeper understanding of the evolving threats organisations continually face and the threat actors behind them, say report authors. They also explain that due to an influx of rapidly evolving and disruptive emerging issues and threat trends observed throughout 2024, organisations can benefit from adopting a broad approach to help mitigate the specific and ever-changing cyber risks they face. In this context, CIOs and CISOs can leverage the insights from threat intelligence teams to strengthen their organisation's cyber defences and prepare for worst-case scenarios to recover quickly in the event of a cyber intrusion. Trending and emerging initial access vectors The report investigates cyber threat trends across industry vectors, including the global impact of ransomware, trending and emerging initial access vectors, and observations from underground forums and marketplaces. Cybercriminals and nation-state APTs use large language models (LLMs) in many aspects of a cyberattack, according to the report. That includes actions such as gathering information on the target via multiple social engineering tactics, conducting reconnaissance, defense evasion, and crafting customised phishing lures. The use of LLMs to generate phishing content presents a significant challenge to traditional threat detection. Consider that threat actors can generate 1000 phishing emails in under two hours for as little as $6, with LLMs likely contributing to the overall 1265 per cent increase in phishing attacks reported in early 2024. [2] 'The future of cybersecurity lies in an organisation's ability to innovate and adapt,' says Kushagr Singh, principal and US Cyber Detect and Respond leader with Deloitte & Touche LLP. 'By leveraging advanced technologies while continuing to foster a culture of trust and security, we can help our clients stay one step ahead of cyber adversaries,' observes Singh. Underground trends Throughout 2024, report authors observed an increased influx of individuals' private information and a higher volume of sales of this information on various underground forums. Although international law enforcement efforts yielded visible results, they also underscored the persistent resilience of cybercriminal networks as threat actors often reconstitute quickly, indicating a continual need for intelligence-driven defense, closer public-private partnerships, and information-sharing initiatives to forge a more accurate picture of the threat landscape. Clare Mohr is leader and vice-president, Shawn Cozzolino, senior solution delivery manager, and David An, manager, all with Deloitte US Cyber Intelligence, Solution Delivery, Deloitte & Touche LLP. 1. 2. As published by the Deloitte US Chief Financial Officer Program in the 30 April 2025 edition of The CFO Journal in WSJ. Disclaimer This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication. About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ('DTTL'), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as 'Deloitte Global') does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the 'Deloitte' name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see to learn more about our global network of member firms. Copyright © 2025 Deloitte Development LLC. All rights reserved.
Tahawul Tech
08-05-2025
- Business
- Tahawul Tech
80% of cyberattacks in the Middle East lead to confidential data breaches
Positive Technologies, a leader in result-driven cybersecurity, has conducted a study on cyberthreats facing countries in the Middle East. The study examines the impact of digital transformation, the rise of organised cybercrime, and the dynamics of the underground market in the region. One in three successful cyberattacks in the Middle East was carried out by APT groups that commonly target government institutions and critical infrastructure. While the rapid adoption of new IT solutions in the region boosts efficiency across industries, it also increases their exposure to cyberattacks. Cybercriminals heavily relied on social engineering (61% of cases) and malware (51%), often combining the two methods. Remote access trojans (RATs) were the primary weapon in 27% of malware-based attacks. The widespread use of RATs suggests that attackers often aimed to maintain long-term access to their victims' systems. The analysis shows that 80% of cyberattacks on organisations in the Middle East resulted in the breaches of confidential information. Hackers were mostly interested in credentials and trade secrets (29% each), as well as personal data (20%). In most cases, the stolen data was used for blackmail or sold on the dark web. The second major consequence of attacks (38% of cases) was the disruption of core business operations. Such disruptions were particularly harmful in sectors like healthcare, transportation, and government services, where even brief downtime can have serious real-world consequences. APT groups are the most dangerous threat actors in the region because of their significant financial resources and advanced technical skills. In 2024, these groups accounted for 32% of all recorded cyberattacks, with a particular focus on government institutions and critical infrastructure. These attacks often went beyond standard cybercrime, taking the form of cyberespionage or even cyberwarfare. Their goal was not only to steal information but to undermine trust in government organisations and demonstrate power in the digital realm. The analysis of the dark web revealed mentions of attacks on a wide range of industries in the region. Government organisations were the most frequently targeted (34%), followed by the industrial sector (20%). Hacktivists, in particular, were very active on underground forums. Unlike regular cybercriminals, they are driven by ideological motives rather than financial gain. They often share stolen databases for free, making the cybercrime situation worse by giving many other criminals access to the stolen data. The United Arab Emirates, Saudi Arabia, Israel, and Qatar—leaders in digital transformation—were the most frequently mentioned countries on the dark web. Experts point out that the frequent ads for selling stolen data from these countries highlight the challenges of securing expanding digital environments. Cybercriminals are quick to exploit the vulnerabilities that come with rapid digitalisation. Positive Technologies analyst Alexey Lukash said: 'In the near future, we expect cyberthreats in the Middle East to grow both in scale and sophistication. As digital transformation efforts expand, so does the attack surface, creating more opportunities for hackers of all skill levels. Governments in the region need to focus on protecting critical infrastructure, financial institutions, and government systems. The consequences of successful attacks in these areas could have far-reaching implications for national security and sovereignty'. To help organisations build stronger defences against cyberthreats, Positive Technologies recommends implementing modern security measures. These include vulnerability management systems to automate asset management, as well as identify, prioritise, and remediate vulnerabilities. Positive Technologies also suggests using network traffic analysis tools to monitor network activity and detect cyberattacks. Another critical layer of protection involves securing applications. Solutions such as PT Application Firewall and PT Application Inspector are designed to identify vulnerabilities in applications, detect suspicious activity, and take immediate action to prevent attacks. Positive Technologies emphasises the need for a comprehensive, result-driven approach to cybersecurity. This strategy is designed to prevent attackers from disrupting critical business processes. Scalable and flexible, it can be tailored to individual organisations, entire industries, or even large-scale digital ecosystems like nations or international alliances. The goal is to deliver clear, measurable results in cybersecurity—not just to meet compliance standards or rely on isolated technical fixes. Image Credit: Positive Technologies
