Visit us at it-sa 2024!

GetyourfreeticketGetyourfreeticket

Trending Topics Cybersecurity – May 2023

SECURITY INSIGHTS | June 01, 2023

Myra's monthly security highlights provide IT decision-makers and security professionals with the most relevant topics from the world of cybersecurity. Current trends, defense strategies and news on cyber attacks, attack campaigns and more can be found here in a clearly arranged format.

The risk of becoming the target of a cyber attack is higher today than ever before. This is the assessment of more than two-thirds of the approximately 500 German companies surveyed by the consulting firm EY for a study. Cyber criminals are acting with increasing professionalism, but cyber defenses are also improving.

In May, law enforcement agencies scored several wins in the fight against cybercrime: International investigators seized 13 domains from illegal DDoS-for-hire services. In another joint operation, the FBI and Ukrainian police shut down nine crypto exchanges that cybercriminals were using to launder money. The FBI also shut down a global peer-to-peer network that collected sensitive information from high-value targets using the “Snake” malware.

In addition, law enforcement agencies from nine countries – including Germany – were able to arrest a total of 288 suspects who allegedly trafficked drugs on the darknet marketplace “Monopoly Market.” A month earlier, international investigators had already shut down the illegal trading platform “Genesis Market” in a similar operation and arrested 119 people worldwide. However, a part of this platform has been active again. This shows: Fighting cybercrime remains a constant battle. Preventive protective measures are all the more important to stay one step ahead of attackers.

The top IT security topics in May

IT security trends

EY study: German companies assess risk of cyberattacks as high as never before

More than two-thirds (68 percent) of the 500 or so companies surveyed by EY rate the risk of becoming the target of a cyberattack as “rather high” to “very high.” Almost three-quarters (73 percent) fear attacks by organized crime, followed by attacks by hacktivists.

Learn more

Europol: Germany records most ransomware attacks across Europe

According to Europol Executive Director Jürgen Ebner, German companies and institutions are most frequently attacked by ransomware gangs in an EU comparison. In a global comparison, Germany ranks fourth. According to Ebner, the amount of damage also continues to increase.

Learn more

Municipalities increasingly targeted by cyber attackers

The number of attacks is on the rise, according to the Baden-Württemberg cybersecurity agency, and the risk they pose is generally considered high. Attackers usually exploit avoidable vulnerabilities and primarily pursue monetary interests with their attacks.

Learn more

Cybercrime

DDoS attack cripple's Swedish parliament website

The attack originated from politically motivated hacktivists and was presumably connected with Sweden's planned accession to NATO. As a result, the parliament's website was temporarily unavailable and subsequently experienced limited performance.

Learn more

Citizen services disrupted after suspected cyberattack on county in Baden-Württemberg

Due to the security incident, the Ludwigsburg District Office had to completely shut down its IT infrastructure. The vehicle registration office, the driver's license office, the immigration office and the job center were temporarily closed.

Learn more

Attack on federal economic development agency

Germany Trade and Invest (GTAI) was only accessible to a limited extent as a result of the attack. E-mail and telephone services were down. The ransomware group Play claimed responsibility for the attack.

Learn more

Federal IT service provider spied on by cybercriminals

According to a warning letter from the ITDZ Bund, attackers “very likely” succeeded in intercepting large volumes of e-mail communications at the affected service providers. The emails contained personal data as well as project information that could be used for targeted phishing attacks.

Learn more

Car repair chain struggles with disruption after attack on IT infrastructure

According to ATU, the attack led to website downtime and restrictions on telephone communications. Some services were shut down as a precaution and were “not accessible or only accessible to a limited extent.” Card payments were also no longer possible.

Learn more

Best practice, defense & mitigation

NIS-2: What companies need to know now

NIS-2 finally makes IT security a matter for the boss. For companies in Germany, the new EU directive means: stricter requirements, wider scope and more critical consequences.

Learn more

Threat Assessment: Assess attack risk now and identify appropriate protection solutions

Assess your individual threat situation and your current level of protection to specifically optimize your application and network security – quickly and easily with the Myra Threat Assessment Card.

Learn more

13 domains seized from illegal DDoS-for-hire services

The FBI, in cooperation with international law enforcement agencies, has once again seized domains from so-called booter services that criminals use for DDoS attacks. Ten of the 13 blocked domains belong to reissues of DDoS-for-hire services that were previously shut down in December 2022 as part of the “PowerOFF” action.

Learn more

Darknet marketplace Monopoly Market: investigators arrest 288 suspects

Law enforcement agencies from nine countries have arrested 288 suspects who allegedly traded drugs on the illegal Monopoly Market trading platform. 52 people were arrested in Germany alone. In addition, €51 million in cash and cryptocurrencies were seized.

Learn more

FBI requests $90 million budget for cybersecurity

The U.S. Federal Bureau of Investigation (FBI) has requested about $63.4 million in funding to fight cyber threats in 2024. Another $27.2 million will go toward improved protection of internal FBI networks.

Learn more

Things to know

SSL/TLS termination: focus on compliance and trust

Protection and CDN service providers need to decode encrypted traffic to detect attacks and accelerate website content. Therefore, choosing a trusted service provider is crucial.

Learn more

Success Story: Minimizing downtime for the Federal Ministry of Health

The German Federal Ministry of Health had to deal with downtime of its website due to sometimes unexpected traffic spikes and DDoS attacks. Thanks to Myra's GDPR-compliant protection and performance solutions, the ministry was able to minimize downtime.

Learn more