IN THE NEWS
IBM has created a threat force assessment “IBM X-Force Threat Intelligence Index”. This is a sweeping research project across the internet and cyberspace to inform programmers and companies on the current threats to their systems. In this report, IBM is attempting to identify the newest threats and determine how damaging the threat could be.
They have identified that there are three trends in 2024 that all IT professionals should be aware of and plan countermeasures if applicable. Those are:
• An increase in abuse of valid accounts. (hacking into valid accounts)
• Ransomware is still being used and the major groups are pivoting (changing) their approach.
• IBM is concerned with generative Artificial Intelligence and its ability to access systems without permission.
For 2024 keep an eye on your passwords and on your accounts!
Obviously, your bank account is the most important credential to keep secure. Your brokerage account(s) with TAM are built that even if someone gains access to your account by stealing the username and password, they are not able to move money or assets. They need to speak with a human to initiate a transfer.
The crime of stealing a username and password is up over 70% from the prior year and represent 30% of all cybercrime in 2023. The number one way cybercriminals get your password is by sending you an email (phishing) with a link in the email to “log onto your account”. If you want to log onto your bank account, go directly to the website or app of the bank do not click an email. There is no way to stop the criminal from making the email look real.
Interestingly the thieves are switching to malware. Which are little programs that can, for example, record key strokes on one’s computer. Like when you type in your username or password. These are known as infostealers. The use of infostealers by thieves is up a whopping 266%.
Now as I am writing this article, we have CrowdSrtike who crashed large portions of the internet. Because Microsoft is the dominant software CrowdStrike, a cyber security company, sent an update to protect users against hacking. This update was not tested properly (usually to save money) and as a result the update had a bug and froze the systems it was updating. Which leads us to our Artificial Intelligence observation, no one even realized that a security update would get access to the source code and freeze a system. AI could act as a security update and perhaps get into computers through a side door.
Protect your password, print your December bank statements and carry some cash. Just in case.
