WannaCry: Lessons Learned 1 Year Later

On the morning of May 12, 2017, WannaCry entered the cybersecurity lexicon forever.Within a day, WannaCry had spread around the world, infecting more than 230,000 computer systems in 150 countries and costing approximately $4 billion in financial losses. It was the most virulent self-spreading malware since 2003 when the Slammer worm infected most of its victims within one hour.WannaCry also led to widespread service disruptions at Britain’s National Health Service, where about 20,000 appointments got cancelled as hospitals and clinics were forced offline. [Read more…]

Why Phishing Continues to Spear Victims

Defenders had their hands full fending off zero-day attacks in 2017, with the EternalBlue and EternalRomance exploits—part of the cyber toolset reportedly stolen from the U.S. government—fueling the spread of two massive ransomware campaigns, WannaCry and NotPetya.

Yet, the most serious threat to companies—targeted attacks—used a much simpler, and yet effective, technique: Spear phishing. And it remains a popular mode of attack. [Read more…]

Expect a New Battle in Cyber Security: AI Versus AI

If you want to understand how rapidly artificial intelligence is changing businesses, look no further than the rise of chatbots.

The software-based conversationalists can help sales people find specific data or charts, keep schedules for executives, or walk security analysts through the proper response to an incident. Companies cannot avoid them. Some 65 percent of information-technology departments currently support Siri, Cortana or Google Now somewhere in their organizations while 19% of organizations have deployed AI chatbots, with workplace adoption anticipated to grow to 57 percent by 2021.

Yet, chatbots — and AI technology, in general — also bring risks. [Read more…]