This week’s Knowledge Update talks about how DMARC implementation lags as email frauds surges, Ransomware will continue attacking in 2018 and UK regulator has major issues about Uber policies and ethics after data breach.
DMARC implementation Lags as email fraud surges
Domain-based Message Authentication, Reporting and Conformance (DMARC) is a standard that makes sure that only authorized senders can use an organisation’s domain name in their emails.
ValiMail’s 2017 Email Fraud Landscape Report discovered that one in five emails sent today have come from unauthorized senders, many represent fraudulent activity. Just 0.5% of the top million domains have protected themselves from impersonation by email authentication, this leaves 99.5% of domains vulnerable.
Implementing DMARC, Encryption and Digital Signatures across your business will secure your sensitive data and reduce phishing attacks. More information on implementing DMARC can be found here or contact the London Digital Security Centre for more information: firstname.lastname@example.org
Ransomware to continue attacking in 2018
This year, there has been a tidal wave of ransomware attacks throughout the UK which has shown the gaps and lapses in cyber security which is crippling some organisations and cause significant financial losses to others. Next year, Ransomware will continue to strike businesses across the UK and the world, with healthcare and industrial systems being the new prime targets for any future attacks.
Although 2017 saw the biggest ransomware attacks affect Windows user, 2018 may see an explosion of Android malware, as well as malware targeting Apple computers, said Basnal.
As strains of Ransomware develop and evolve it is increasingly important for businesses to regularly and securely back up their critical data. Businesses cannot rely on anti-virus alone to protect themselves from Ransomware, a guide to Ransomware can be found here.
UK regulator has major concerns about Uber’s policies and ethics after data breach.
As the BBC has reported: The UK’s information commissioner has “huge concerns about Uber’s data policies and ethics” following a breach that exposed the details of 57 million customers and drivers. Uber did not tell anyone about the breach and paid a ransom to hackers to delete the data. Deputy commissioner James Dipple-Johnson said these actions were unacceptable.
“It’s always the company’s responsibility to identify when UK citizens have been affected as part of a data breach and take steps to reduce any harm to consumers. Deliberately concealing breaches from regulators and citizens could attract higher fines for companies,” Mr Dipple-Johnson said.
Data breaches can affect any size of company, large or small, reporting data breaches will be a key part of the coming General Data Protection Regulation. Organisations of all sizes will have to comply to the coming of GDPR or be at risk of punitive fines. A support pack and compliance guide can be found here.