This blog is the latest in a series dedicated to Zhadnost, a Russia-aligned botnet first discovered by SecurityScorecard in March.

In 2020, SecurityScorecard uncovered a case in which self-signed certificates caused misattributions for CDN IPs, and IPs shared by many websites. At the time, we mitigated this issue by labeling CDNs (e.g. Cloudflare, Akamai, Fastly, etc.), so that customers could easily determine if their scoring problems were related to shared IPs.

In a threat landscape where organizations outsource vital business processes that leave data security in the hands of third-party information technology, vendor risk management is increasingly important. A 2022 KPMG study found that 73% of survey respondents experienced at least one significant disruption caused by a third party over the past three years.

Modern organizations are increasing cloud adoption to reap the operational benefits of outsourcing critical business functions. A 2021 study found that 90% of surveyed organizations now use cloud computing, such as software-as-a-service (SaaS) services. SaaS solutions help organizations achieve vital objectives, such as cost reductions and faster time-to-market. However, like all other digital transformation products, they also introduce cybersecurity risks.

Operational risk is defined as the risk of a loss that results from inadequate or failed business processes, people and systems, or from external events. More simply, operational risk pertains to any uncertainty or threat your organization faces (or might face in the future) during day-to-day business activities. The risk arises from operational disruptions and is likely to result in losses or reputational damage. Some operational risk is inevitable for every organization.

Most businesses today want to deliver modern applications, products, and services to customers as efficiently as possible. This seemingly simple goal is far more complex than it sounds – particularly in the age of digital transformation.

As malicious attackers and nation states have increasingly weaponized the cyber domain to impact private companies, the sustainability of organizations' ties to their cybersecurity is in question across all industries and sectors. There are many examples of companies going out of business as a result of a cyber attack, due to business leaders failing to wrap their arms around all the different ways that the ever evolving cyber threat landscape can impact their business.

The 2021 CrowdStrike Global Security Attitude Survey found that on average, organizations take 146 hours to discover a cybersecurity incursion, an alarming increase on the 2020 average of 117 hours. This means that an intruder could remain inside an enterprise network for more than six days before detection. Moreover, those attackers can move laterally across the network in just 92 minutes, searching for — and often finding — sensitive enterprise data or other high-value assets.

Learn how the industrial internet of things (IIoT) is changing industries around the world, and what your business can do to make sure your IIoT devices are secure. The fourth industrial revolution – industry 4.0, as some are calling it – is upon us. As digital transformation sweeps across manufacturing, production and related industries, many organizations are grappling with this new stage in the organization and control of the industrial value chain.

The vendor risk management process is now an essential requirement of all cybersecurity programs. Without it, you're a sitting duck for supply chain attacks and third-party data breaches. In recognition of this, regulatory bodies are increasing their third-party risk compliance requirements and enforcing obedience by threatening heavy financial penalties for non-compliance.

Global regulations for data privacy and cybersecurity are quickly becoming more common and more stringent. That puts added pressure on organizations to manage their risks appropriately or face potentially painful consequences. In particular, organizations around the world and across industries are experiencing high demand from regulators to implement compliance risk management.

Cybersecurity threats abound, and the pace of cybersecurity attacks is increasing steadily year after year. At the same time, consumers are also becoming more aware of cybersecurity harms, and demanding better performance from the companies with which they do business. Regulators hear that sentiment from consumers too, and are responding with ever more stringent rules for data privacy.

Organizations must enact effective third-party risk management (TPRM) programs to ensure their vendors fulfill cybersecurity requirements. Otherwise, they risk carrying the financial and reputational harm caused by customer data breaches. The PCI DSS standard covers aspects of third-party risk management as it's applicable to all organizations that process credit card data, especially the heavily regulated finance industry.

As mentioned in SecurityScorecard’s (SSC) previous Zhadnost blog posts (part one and part two), the DDoS attacks against Ukrainian and Finnish websites do not appear to have a lasting impact, as the sites were back online within hours of the attack.

SecurityScorecard’s own Ondrej Krehel talks with News 12 in New York about how to protect yourself from what might be the most surreal spam number of all—your own. Most of us are used to getting spam texts: You’ve paid your bill, click this link for a free gift! You’ve won the sweepstakes, click here to redeem! It’s no surprise that nothing good comes from clicking those links.

Creating an incident response plan is mission-critical for modern organizations. As threat actors continuously evolve their attack methodologies, organizations need the people, processes, and technologies that allow them to rapidly respond to a security incident. According to research, attacks have increased by 15% since 2019.

Discover the best vulnerability mitigation strategies to help protect your business from potential threats with this guide from the team at Reciprocity. 2021 (and every year leading up to it) was the worst year on record for cybersecurity. Since the onset of the COVID-19 pandemic, cybercrime as a whole has increased by 600 percent.

In the age of digital business, protecting your organization’s digital assets from cyber threats and reducing your cyber risk exposure has never been more important – or more complicated. At the same time, most organizations are also required to comply with numerous industry and government regulations that dictate standards for data privacy and IT security.

This is the second installment in Trustwave’s in-depth tour of our Security Colony platform. For a broad overview of what Security Colony offers please read 5 Ways CISOs Can Leverage the Power of Trustwave Security Colony. Self-evaluation in any area, much less cybersecurity, can be challenging. Is my performance at work strong and consistent? Am I being friendly to my neighbors?

A democratized approach to cybersecurity risk management that leverages continuous monitoring and public-private partnerships is overdue, and critical, for today’s cyber threat environment.

SecurityScorecard (SSC) has identified a DDoS attack which targeted the websites of the Finnish Ministry of Foreign Affairs and Ministry of Defense. SSC discovered more than 350 bots, mainly located in Bangladesh and African countries, which are now considered to be part of the Zhadnost botnet, previously discovered by SSC in March.

Nearly every day, it seems like you’re reading about another data breach in the news. Between ransomware attacks and nation-state actors, you can’t rely on the old “trust but verify” adage anymore. Cyber resilience isn’t about preventing all threats, it’s about creating a security program that allows you to identify, investigate, contain, and mitigate threats quickly and effectively.

People have long used mission statements, declarations and manifestos to publicly convey the intentions, motives or views of its issuer. While the historical political landscape has long used these actions to challenge and provoke, they are also advertisements to gain attention and to spark action.

Today I want to revisit the SEC’s proposed new rules requiring public companies to disclose more about their cybersecurity risks. Those plans would obligate companies to discuss how the board and senior management address cybersecurity risk at a strategic, enterprise level. What’s that all about?

Water Sector Cybersecurity Requirements Policymakers and regulators in Washington are bringing their attention now to water utilities’ cybersecurity. Last month, the White House announced it was expanding its public-private cybersecurity partnership to the water sector. Separately, in December of 2021, the Environmental Protection Agency (EPA) announced an evaluation of regulations related to the public water system’s cybersecurity, which will change in April.

Cyber risk has never been completely independent of world politics and international affairs, but in recent weeks, there has been a significant shift in alignment. The domain of physical war has closer ties to the digital sphere than ever before. As part of efforts to manage elevated cyber risk, it is vital to understand the short-term impact and longer-term risk of current events, and where focus should be placed to achieve the best defense.

One would be hard pressed to find anyone working today in the cybersecurity world that has not yet heard of Lapsus$, an emerging cyber-crime group with big claims of breaching the likes of high-profile companies Microsoft, Samsung, NVIDIA, and Okta amongst others.

How well do you know your organization’s attack surface? Chances are, you don’t know it as well as you think you do. According to a recent report, 2 out of 3 organizations say their external attack surface has expanded in the past 12 months, but that does not mean they’ve been keeping track of it.

Ransomware has dominated the headlines the last couple of years. But it might surprise you to hear that another scourge—business email compromise (BEC)—accounted for 49 times more in losses in 2021. As reported in the FBI’s latest Internet Crime Report, BEC cost organizations and individuals $2.4 billion versus $49.2 million for ransomware. In fact, more than a third of total cybercrime last year can be attributed to BEC.

The amount of data that municipalities deal with on an everyday basis has grown exponentially. In particular, local governments have focused on upping their cybersecurity efforts due to the sensitive information and data stored and shared with state and federal government programs. It is now more important than ever to ensure effective cybersecurity within local governments. In this blog, we will take a look at how your local government can reduce impending risks and secure innate vulnerabilities.

As most of our customers know, every single company – customer or not – gets free and unlimited access to their own company’s Scorecard. This view allows them to see the complete details of their scorecard and a high-level view of five other scorecards. SecurityScorecard provides this free access because we know that when companies engage with their scorecard, their scores improve, their attribution becomes more accurate, and our customers lower their own cyber risk.

The SolarWinds supply chain attack highlighted how vulnerable supply chains are to cyberattacks. Supply chain risk mitigation has since become an essential component of risk management strategies and information security programs. To support the success of this effort, we’ve listed the top 4 supply chain security risks you need to be aware of in 2022.