Yes, until your specific device is patched, you are vulnerable to attack.
NIST released new guidelines for user password requirements that are significantly different from those you may be used to following. For anyone keeping up with identity management guidelines over the past several years, this is not a surprise. For the non-security geeks among us, these changes may seem like a revelation after the password management mantra we’ve heard for the past 20 years.
Cyberattacks, data breaches, malware, ransomware - these aren’t new to the headlines, yet the frequency of these incidents and the resultant focus on cybersecurity has dramatically increased. Why are we seeing this trend?
The primary driver behind the increased number of data breaches is the ability of cyber criminals to monetize the data stolen. This, in turn, has increased cybersecurity awareness and spending within organizations. The fear CEOs feel of being publicly shamed and their company being financially harmed by a data breach is very real. No CEO wants to go before Congress to explain their company was breached because of incompetence.
Almost exactly a year after Yahoo announced they suffered the largest data breach to date, officials corrected the estimated number of users affected in a statement released on October 3rd. The initial estimate, which was made when they first announced their data breach in September 2016, was that the details of 500 million users were stolen. Three months later, Yahoo upped their assessment to one billion users. However, Yahoo is now telling users that virtually everyone who has a Yahoo account has had their data stolen. That’s correct, all THREE BILLION users have had their sensitive data stolen.
So, you got hit with ransomware today. You know… that thing you’ve been hearing about that encrypts your data and holds it for a bitcoin ransom? You were so sure ransomware would never infect your network because you have an email filter, you have a firewall, you have up-to-date antivirus installed on your desktops, and you are probably using FSRM to control what files can be saved on your file server. Even if you did get hit with ransomware, you would probably just use one of those neat decryptors to reverse it. That sounds like several layers of protection that should stop any intruder, right?
Cybercriminals have been busy creating thousands of new ransomware variants over the past few months, which they have used to steal hundreds of thousands of dollars from unsuspecting companies all over the world. WatchPoint continuously scours the web for new decryptors released by antivirus companies and has compiled one of the most extensive lists of free decryptors available.
As we near the end of the third quarter of 2017, let’s take a look back at the key points from the major cyber incidents that have occurred over the last nine months. Serial entrepreneur and CEO of WatchPoint, Greg Edwards, will also weigh in on what he believes are the two biggest takeaways from the WannaCry, NotPetya, and Equifax cyberattacks.
Equifax, one of the largest providers of consumer credit reporting and other financial services in the United States, suffered a massive data breach where attackers made off with highly sensitive data of over 143 million users.
There are three credit bureaus to contact to freeze your credit. Freezing your credit is the simplest way to prevent or severely minimize the effects of identity theft. If the cybercriminal cannot take out credit in your name, then they will move on to an easier target. With your credit reports frozen, it is very difficult for anyone to take out a loan in your name. When you need a new credit card or loan, simply contact the credit bureaus and have a temporary lift put on your file.