by Emily Kowalsky | Mar 11, 2020 | Home + Mobile
The last thing you want to do when you get a new computer,
mobile device, or tablet is spend a lot of time setting it up. But like any
major appliance, these devices are something you want to invest a little time
setting up properly. Often, they’re not cheap. And you want them to last. So,
before you jump online and start shopping, gaming, or browsing, take some time
to ensure your device is ready for anything the internet can and will throw at
it.
There’s a caveat, though, of which Webroot security analysts
are quick to remind users. “Even if you’ve taken every precaution when it
comes to configuring your new device,” says Webroot Threat Research
Analyst Connor Madsen, “it’s important to remember that proper online
etiquette is essential to your security.”
“Clicking on links that don’t seem quite right, opening attachments from unknown senders, or otherwise ignoring your best security instincts is a good way to undermine any effective online security protection.”
Connor Madsen, Threat Research Analyst
For best results, in addition to the warning issued above, here
are five tips for making sure your device, and the important files stored
within it, are safe from common risks.
#1 – Update software
The first thing you’ll want to do is make sure the operating
system on all your devices is up to date. One of the most common methods
hackers use to launch attacks is exploiting out-of-date software. Failing to
install periodic patches and software updates leaves your new device vulnerable
to the numerous threats lurking on the web. Depending on how old and
out-of-date your device is, it may take a while for applications to update.
However long it takes, it’s preferable to the hassle and expense of having to
undo an infection after it’s bypassed your security perimeter.
#2 – Enable firewall
Speaking of your security perimeter, the first line of
defense along that perimeter is your firewall or router, if you’re using one. A
router works as a firewall for the devices connected to it. But, if you’re not
using a router, make sure your firewall is enabled to protect you from
malicious traffic entering your network. This is different from an antivirus,
which protects you from malicious files.
#3 – Install antivirus
Malicious files can be disguised as attachments in an email or links on the web, even the apps you download. So, it’s important to have an antivirus solution to protect your new computer. Malware attacks like ransomware make constant news these days. And everyone’s a target, from individual users to local businesses, hospitals, or municipalities. The cybercriminals launching these attacks are constantly changing, evolving threats to be more sophisticated and harder to detect. That’s why it’s important to keep your antivirus as up-to-date as your operating system and other applications.
#4 – Back up
Once you have your operating system and applications
updated, your firewall enabled and an effective anti-virus application, you can
begin using your computer safely. But there’s one more thing you need to
consider if you’re going to be creating and storing important documents and
work material on your new machine. Any new files on your computer will need to
be backed up. That’s when you make a copy of the contents on your machine and
store it in a safe place just in case you lose the original or it becomes
infected by a virus. Since no single security solution can be 100 percent
effective, it’s best to have a backup copy of important files. The thing is,
you don’t want to have to decide what’s worth backing up and what’s not. That’s
far too labor-intensive and it introduces the possibility of human error. Your
best bet is to use a solution
that’s designed for this purpose. A true backup solution protects files
automatically so you don’t have to remember what you copied and what you
didn’t. It also greatly simplifies file recovery, since it’s designed for this
purpose.
#5 – Wipe your old device
Just because you have a shiny new toy doesn’t mean you can
forget about your old machine. Before you relegate it to the scrap heap, make
sure there’s nothing important or confidential on it you wouldn’t want someone
to have access to. You could have old passwords saved, tax records, or
sensitive work documents that you wouldn’t want shared. The best way to do this
is to wipe the contents of your old device and reinstall the operating system from
its original state.
Seem overwhelming? If so, it’s best to remember that one of
your strongest cybersecurity tools is common sense. While things like an
antivirus and backup strategy are essential for maintaining good cyber hygiene,
remember Madsen’s advice.
“If it seems like an offer that’s too good to be true, or
something about a link or file just doesn’t seem right, don’t click or download
it. Trust your instincts.”
by Connor Madsen | Feb 14, 2020 | Industry Intel
Estée Lauder Leaves Massive Database Unprotected
Earlier this week researchers discovered an unsecured database containing over 440 million records belonging to Estee Lauder, a major make-up manufacturer. Though the company has confirmed that no customer data was stored in that database, they are still unsure on how long it was left exposed for and it did contain sensitive company information. Estée Lauder was able to properly secure the database on the same day the initial researcher contacted them.
SoundCloud Account Vulnerabilities Fixed
Researchers have contacted SoundCloud
about vulnerabilities in their platform API that could allow attackers to
illicitly access user accounts. While officials quickly resolved the security
flaws, two additional API flaws had the potential to initiate DDoS attacks or
create fraudulent song statistics by exploiting a specific set of track IDs.
Attackers would have been able to exploit the user ID authentication to test
previously leaked username/password combinations in hopes some victims were
using the same credentials on multiple sites.
Danish Data Leak Exposes 1.3 Million Citizens
Over a period of five years from 2015 to 2020, a bug in the
country’s tax systems has leaked sensitive ID numbers for nearly 1.3 million Danish
citizens. The bug itself displayed the user’s ID number in the URL after
the user made changes in their tax portal, which were then analyzed by both
Google and Adobe. Fortunately, no additional tax or other personal information
was divulged in the leak, which the government was quick to resolve.
Study Reveals Top Brands Used in Phishing Campaigns
After gathering data from nearly 600 million email boxes
over the last year, researchers once again determined that PayPal
was the most impersonated company for phishing attacks in 2019. The data also
revealed that phishing campaigns disguised as PayPal were using an average of
124 unique URLs daily to propagate the malicious content. Many other top
companies used in phishing campaigns in 2019 were financial institutions, as
they are easy troves of consumer information.
Australia Debates Retention Period for Consumer Data
The Australian
government has just begun debating changes to their current data retention
period, which is currently two years (or significantly longer than any
comparable nation’s policy). Storing data for that length of time can be
extremely dangerous, especially given the rise in data breaches in recent
years. While Australia believes it’s two-year limit to be a good balance, there
is currently no management of who actually has access to the data and several
amendments are introduced to improve the privacy of Australian citizens.
by Connor Madsen | Feb 7, 2020 | Industry Intel
Tax Season Brings Emotet to the Front
As Americans prepare for tax season, Emotet
authors have started a new campaign that imitates a W-9 tax form requested by
the target. As with most malicious phishing, an attached document asks users to
enable macros when viewing the files. This campaign can be particularly
dangerous, because many people don’t spend much time looking at W-9s since they
are only sent to contractors and clients who often quickly sign and return
them. Emotet infections can further harm companies by downloading additional
info-stealing malware and using infected machines to distribute spam campaigns.
Australian Logistics Company Faces Delays After Ransomware Attack
Toll
Group, a major transportation company in Australia, fell victim to a
ransomware attack this week that forced them to take several vital systems
offline. Due to company cybersecurity policies, no customer data was accessed
and the damage was minimized by a quick response from their team. While many
customers have been able to conduct business as normal, some are still experiencing
issues as they wait for all of Toll Group’s systems to return to normal
operation.
Cryptomining Botnet Found on DoD Systems
A bug bounty hunter recently found an active cryptocurrency
mining botnet
hidden within systems belonging to the U.S. Department of Defense (DoD). The
bug was also being used as a silent backdoor for additional malware execution. Unfortunately,
the misconfigured server had already been illicitly accessed and the attackers
had installed a cryptominer to obtain Monero coins, but officials for the DoD
worked quickly to secure the system before further damage could be inflicted.
Maze Ransomware Targets Multiple French Industries
At least five French law firms and a construction
corporation have fallen victim to the Maze
ransomware variant, which is known for quickly exfiltrating sensitive
information. Maze authors also made an announcement that they will begin
releasing the stolen data if the victims refuse to pay the ransom. Though only two
of the law firms have had their data posted so far, the remaining firms are
expected to be exposed if the ransom is not paid.
British Charity Falls for Impersonation Scam
The British housing charity Red
Kite recently fell victim of an impersonation scam in which nearly $1
million was redirected to a scammer’s account. By disguising their domain and illicitly
accessing previous Red Kite email threads, the attackers were able to
impersonate a contracting company without payment system safeguards stopping
the payment or notifying victims that anything was abnormal until it was too
late.
by Connor Madsen | Jan 31, 2020 | Industry Intel
Indonesian Magecart Hackers Arrested
At least three individuals were arrested in connection to the
infamous Magecart
information stealing malware. Thanks to the combined efforts of several
international law enforcement agencies, numerous servers issuing commands to
awaiting Magecart scripts have been taken down in both Indonesia and Singapore.
While these are not the only individuals who have profited from the Magecart
code, they are the first to be identified and brought to justice.
German City Suffers Cyberattack
The City of Potsdam,
Germany, is recovering from a cyberattack that took down parts of its administration
systems. Fortunately, the systems were being actively monitored and were
quickly taken offline to prevent data from being removed. It seems, after
further investigation, that the servers were not fully patched with the latest
updates. This could have allowed the attackers to move and execute malware freely.
Job Listings Used to Commit Fraud
A new wave of data theft has hit the job hunting
crowd, making life harder for people looking to be hired. Cybercriminals have
been creating phony sites with job listings for the purpose of absconding with the
information one would normally provide an employer after accepting an offer. Though
these types of scams have been executed in the past, they tend to reappear
occasionally due to their continued success.
UK Court Freezes Bitcoin Wallet
After falling victim to a ransomware
attack that shut down more than 1,000 computers, a Canadian insurance
company took advantage of their cybersecurity policy to pay out a nearly $1
million ransom. By working with a cyber analysis firm, the company was able to
track their ransom payment through the blockchain to a final wallet, which was then
frozen by the currency exchange to stop further transactions and to identify
the owners of the wallet. Though this may sound positive for the victims, they
may be the target of additional negative repercussions like having their stolen
data published or being attacked again.
South Carolina Water Company Shutdown
The Greenville
Water service in South Carolina was hit with a cyberattack that took down
all their systems for around the last week. As they continue to restore systems
to proper function, officials have stated that no customer data was accessed,
nor is any payment card data actually stored there. Fortunately, Greenville
Water was able to return to normal functions within a week and informed
customers that late fees would not be issued for payments made during the
outage.
by Connor Madsen | Jan 23, 2020 | Industry Intel
Point-of-Sale Breach Targets U.S. Cannabis Industry
Late last month, researchers discovered a database owned by
the company THSuite that appeared to contain information belonging to
roughly 30,000 cannabis customers in the U.S. With no authentication, the
researchers were able to find contact information as well as cannabis purchase
receipts, including price and quantity, and even scanned copies of employee and
government IDs. Though many of the records were for recreational users, medical
patients were also involved in the breach, which could prompt additional investigations
regarding HIPAA violations.
Ransomware Attack Shuts Down Florida Libraries
At least 600 computers belonging to the library
system of Volusia County, Florida were taken offline after falling victim
to an unconfirmed ransomware attack. While the libraries were able to get 50
computers back up and running, many of their core functionalities are still
offline for the time being. Though officials still have not confirmed that
ransomware was the cause of the shutdown, the attack is similar to ones
targeting multiple California libraries less than a week earlier.
UK Government Allows Gambling Firms Access to Children’s Data
The Information Commissioner’s Office (ICO) was recently
informed of a data breach
that could affect nearly 28 million students in the UK. A gambling firm was
apparently given access to a Department for Education database by a third-party
vendor to complete age and ID verification, though it is unclear just how much
information they were gathering. Both firms and the Department for Education
have begun examining this breach to determine if this requires a full GDPR
investigation.
International Law Enforcement Efforts Take Down Breach Dealer Site
In a combined effort from multiple law
enforcement agencies in the U.S. and Europe, two individuals who operated a
site that sold login credentials from thousands of data breaches were arrested.
Immediately following the arrests, the domain for WeLeakInfo was taken down and
all related computers were seized by police, who then promptly put up an
official press release and request for any additional info on the site or
owners. WeLeakInfo, which boasted access to over 12 billion records, was
originally hosted by a Canadian company, but was quick to employ Cloudflare to
continue their nefarious dealings privately.
UPS Store Exposes Customer Data
Roughly 100
UPS Stores across the U.S. fell victim to a phishing attack that compromised
sensitive customer information over the last four months. This incident stems
from a malicious phishing attack that allowed some individuals to compromise store
email accounts, which then allowed access to any documents that had been
exchanged between the accounts and customers, from passports and IDs to
financial info. Fortunately, UPS has already begun contacting affected
customers and is offering two years of credit and identity monitoring.
by Connor Madsen | Jan 17, 2020 | Industry Intel
Ryuk Adds New Features to Increase Devastation
The latest variant of the devastating Ryuk
ransomware has been spotted with a new feature that allows it to turn on
devices connected to the infected network. By taking advantage of Wake-on-Lan
functionality, Ryuk can is able to mount additional remote devices to further
its encryption protocols. While it’s possible to only allow such commands from
an administrator’s machine, those are also the most likely to be compromised
since they have the largest access base.
Learn more about ransomware infections and how to protect your data from cybercrime.
Bank Hackers Arrested Outside London
Over the course of six years, two individuals were able to
successfully hack into many hundreds of bank and phone accounts with the intent
to commit
fraud. With the information they gathered, the two were also able to open
new credit accounts and take out significant loans to purchase extra tech
hardware. Officials for the London Metropolitan Police have made it known that
cybercrime is taken just as seriously as any other crime.
Cryptominer Found After Multiple BSODs
Following a series of “blue screens of death” (BSoDs) on a
medical company’s network, researchers identified a cryptominer
that spread to more than 800 machines in just a couple months. The payload, a
Monero miner, was hidden within a WAV file that was able to migrate undetected
to various systems before executing the payload itself. To spread efficiently,
the infection used the long-patched EternalBlue exploit that had not yet been
updated on the network in question, thus leaving them fully susceptible to
attack.
Consulting Firm Exposes Professional Data
Thousands of business professionals from the UK have
potentially fallen victim to a data leak by the major consulting
firm CHS. A server belonging to the company was found to contain passports,
tax info, and other sensitive information that could have been archived from
background checks within an unsecured Amazon Web Services bucket. While it is
still unclear how long the data was available, researchers who discovered the
leak quickly contacted both CERT-UK and Amazon directly, which promptly secured
the server.
Western Australian Bank Breached
Over the last week officials for P&N
Bank in Australia have been contacting their customers concerning a data
breach that occurred during a server upgrade in early December. Though personally
identifiable information has been exposed, it doesn’t appear that any accounts
have been illicitly accessed and relates more to a customer’s contact
information. A total number of affected customers has yet to be confirmed.
by Connor Madsen | Jan 10, 2020 | Industry Intel
Snake Ransomware Slithers Through Networks
A new ransomware variant, dubbed “Snake,”
has been found using more sophisticated obfuscation while targeting entire
networks, rather than only one machine. In addition, Snake will append any
encrypted file extensions with five random characters following the filetype
itself. Finally, the infection also modifies a specific file marker and replaces
it with “EKANS,” or SNAKE spelled backwards. A free decryptor hasn’t been
released yet, and the malware authors have specified that that encryption will
be for entire networks only.
Minnesota Hospital Data Breach
Sensitive information belonging to nearly 50,000 patients of
a Minnesota
hospital has been illicitly accessed after multiple employee email
addresses were compromised. While in most cases the information accessed was
medical data and basic contact info, some patients may have also had their
Social Security and driver’s license numbers compromised. Alomere Health has
already contacted affected patients and begun providing credit and identity
monitoring services.
Cyberattack Finally Cracks Las Vegas Security
For a city that is the target of roughly 280,000 cyber
attacks every month, one attack was finally able to make it through Las
Vegas security protocols. The attack appears to have stemmed from a
malicious email but was quickly quarantined by city IT officials before it
could do any critical damage. Earlier in 2019, Las Vegas officials proposed a
measure to refuse payments to any cybersecurity threat actors.
Travelex Falls Victim to Sodinokibi Ransomware
On the first day of 2020, foreign travel service provider Travelex
experienced a ransomware attack that used unsecured VPNs to infiltrate their
systems. To make matters worse, a demand of $6 million has been placed on the
company for the return of their data, or else the ransom will be doubled. Since
this attack, a scoreboard has been created to track the six additional victims
of the Sodinokibi/REvil ransomware campaign.
ATM Skimmer Arrested in New York
At least one individual has been arrested in connection to
an ATM
skimming ring that has taken over $400,000 from banks in New York and surrounding
states. From 2014 to 2016, this group installed card skimmers in an
unidentified number of ATMs in order to steal card credentials and build up
fraudulent charges. Eleven other people are connected with this incident and
will also likely be charged.
by Connor Madsen | Jan 3, 2020 | Industry Intel
US Coast Guard Facility Hit with Ransomware
During the last week of December a US
Coast Guard facility was the target of a Ryuk ransomware attack that shut down
operations for over 30 hours. Though the Coast Guard has implemented multiple
cybersecurity regulations in just the last six months or so, this attack broke
through the weakest link in the security chain: human users. Ryuk typically
spreads through an email phishing campaign that relies on the target clicking
on a malicious link before spreading through a network.
Crypto-trading Platform Forces Password Reset After Possible Leak
Officials for Poloniex, a cryptocurrency trading platform, began pushing out forced password resets after a list of email addresses and passwords claiming to be from Poloniex accounts was discovered on Twitter. While the company was able to verify that many of the addresses found on the list weren’t linked to their site at all, they still opted to issue passwords reset for all clients. It’s still unclear where the initial list actually originated, but it was likely generated from a previous data leak and was being used on a new set of websites.
Cybersecurity Predictions for 2020: What Our Experts Have to Say
850 Wawa Stores Affected by Card-skimming
Nearly every one of Wawa’s
850 stores in the U.S. were found to be infected with a payment
card-skimming malware for roughly eight months before the company discovered
it. It appears Wawa only found out about the problem after Visa issued a
warning about card fraud at gas pumps using less-secure magnetic strips. WaWa has
since begun offering credit monitoring to anyone affected. In a statement, they
mention skimming occurring from in-store transactions as well, so card chips
would only be effective if the malware had been at the device level, rather
than the transaction point.
Microsoft Takes Domains from North Korean Hackers
Microsoft recently retook control of 50 domains that were being used by North Korean hackers to launch cyberattacks. Following a successful lawsuit, Microsoft was able to use its extensive tracking data to shut down phishing sites that mainly targeted the U.S., Japan, and South Korea. The tech company is well-known for this tactic, having taken down 84 domains belonging to the Russian hacking group Fancy Bear and seizing almost 100 domains linked to Iranian spies.
Landry’s Suffers Payment Card Breach
One of the largest restaurant chain and property owners, Landry’s,
recently disclosed that many of their locations were potentially affected by a
payment card leak through their point-of-sale systems. The company discovered
that from January through October of 2019, any number of their 600 locations
had been exposed to a card-skimming malware if not processed through a main
payment terminal that supported end-to-end encryption.
by Connor Madsen | Dec 20, 2019 | Industry Intel
Honda Customer Database Exposed
Officials have been working over the past work to secure a
database containing highly sensitive information belonging to more than 26,000
North American customers of the Honda
motor company. The database in question was originally created in October and
was only discovered on December 11. While no financial information was included
in the leak, the records did contain names, VIN numbers, and service details
for thousands of customers.
Boeing Contractor Data Leak
Nearly 6,000 defense contractors working for Boeing
have had personal information leaked after a user error left an Amazon web
service bucket publicly exposed. The 6,000 Boeing staff are only a small
portion of the 50,000 individual records found on the leaked server, many of whom
were involved in confidential projects for the Department of Defense. These
types of data leaks are increasingly common as more users are not properly
securing their servers or using any form of authentication.
Sextortion Email Campaign Shutdown
After months spent chasing them across Europe, authorities
have arrested the authors responsible for the Nuclear
Bot sextortion campaign. With their Nuclear Bot banking trojan, the team was
able to compromise roughly 2,000 unique systems and use them to help distribute
malicious emails. Though it’s been verified that the original authors are in
custody, the source code for Nuclear Bot was made public in the hope no money
would be made from its sale.
Emotet Sent from Phony German Authorities
A new email campaign has been disguising itself as several German
government agencies and spreading the Emotet trojan, infecting multiple
agency systems. This campaign differs from previous Emotet attacks by appearing
as a reply from a prior email to appear more legitimate. To best defend against
these attacks, users are strongly encouraged to check both the sender’s name
and address as well as ensuring that macros aren’t enabled in their Office
apps.
LifeLabs Pays Ransom After Cyber-Attack
Canadian testing company LifeLabs decided to pay a ransom
after attackers illicitly accessed the sensitive information for all 15
million of its customers. Oddly, many of the records being found date back
to 2016 or earlier and have yet to be identified on any illicit selling sites.
LifeLabs has since contacted all affected customers and has begun offering
identity monitoring services.
by Kyle Fiehler | Dec 18, 2019 | Business + Partners
As the year draws to a close, the cybersecurity analysts at Webroot and Carbonite pull out their crystal balls to make their predictions for the year ahead.
Our experts predict many of the trends they’ve been tracking throughout the year—well-researched attacks, RDP compromise, and the importance of user education—will continue into the New Year. But they’ll be affected by new industry developments such as impending privacy regulations, AI-enabled attacks, and attacks targeting developing nations.
Highly Targeted Ransomware Will Continue to Devastate Businesses
Unsurprisingly, our experts predict the strong trend toward highly targeted ransomware will bleed into 2020.
“Highly targeted ransomware will likely continue,” predicts Webroot Software Management Manager Eric Klonowski. “Next year, we predict ransom-motivated attackers will more pointedly observe automatic backup solutions and make attempts to remove and alter the backup data or the task itself.” Klonowski said.
High-effort, low-volume surveillance techniques are now favored by ransomware operators like the Bitpaymer Group, which has been known to customize ransomware only hours before deploying an attack, first tailoring it to observations gathered on their targets.
We should expect actors like these to continue to gain access to networks from where they can observe financial transactions and valuable information before determining the most profitable way to strike at their intended targets.
Phishing will likely also become more targeted as data collected from breaches is incorporated into phishing emails. Things like passwords and recent transactions can go a long way in convincing people an email is legit.—Grayson Milbourne, Security Intelligence Director, Webroot
Long-Awaited Privacy Legislation Will Finally Arrive in the U.S.
We expect that privacy and security will continue to jockey for primacy of concern in the minds of U.S. citizens. California, which has long led the fight for more stringent data privacy for consumers, is set to enact a law in early 2020 that has often drawn comparisons to Europe’s GDPR.
As noted by Tech Crunch, California’s new data privacy act, like GDPR, will extend to all organizations that do business with Californians, effectively making it the law of the land nationwide. But Webroot Product Marketing Director George Anderson predicts a groundswell of support among U.S. citizens for stricter data privacy regulations.
“U.S. citizens will step up their demands for privacy in 2020,” he says. “Privacy legislation in the U.S., which has lagged behind other nations, will be a central issue.”
But rather than settling for a new set of standards, Anderson wouldn’t be surprised if entirely new revenue models are explored. Models that rely less on selling personal data than, say, subscription fees or some other alternative.
“I would expect an alternative paid for services that don’t abuse data will emerge, Anderson says. “The existing, untrusted purveyors of convenience will try to pivot, but ultimately lose out heavily. Legislation and technology are starting to converge due to so many abuses of privacy.”
“Adversarial attacks against AI-based security products will likely grow in scope and complexity, which would highlight the fact that there are fundamentally two types of AI in cybersecurity: AI which acts like a smarter conventional signature and AI which is built into every facet of an intelligent, cloud-based platform capable of cross-referencing and defending itself against adversarial attacks.” —Joe Jaroch, Senior Director of Cybersecurity Strategy, Webroot
Small and Medium-Sized Businesses will Bear the Brunt of Cyberattacks
Findings regarding cybersecurity readiness among small and medium-sized businesses (SMBs) continue to be grim. Despite commonly falling victim to data breaches and other attacks, an attitude still pervades that they are either too small to catch the eye of cybercriminals or that their data isn’t valuable enough to warrant an attack.
In a study conducted by Webroot and 451 Research, 71 percent of SMBs admitted to experiencing a breach or attack within the previous 24 months that resulted in “operational disruption, reputational damage, significant financial losses or regulatory penalties.”
According to Webroot Security Analyst Tyler Moffitt, that trend is unlikely to abate.
“We expect that SMBs will continue to be targets for cybercriminals because, just like the public, education, and healthcare sectors, they maintain the same vulnerable environment. They’re low budget, understaffed, and often under-educated on matters of cybersecurity.”
Findings from the 451 Research report confirm Moffitt’s suspicions. A full 36 percent of SMBs surveyed in that study reported that they had no full-time staff on hand dedicated to cybersecurity.
“The SMBs typically targeted have under 50 employees, and it often falls to a lone IT admin or someone in finance or sales to shore up cybersecurity at the company,” Moffitt says. “Almost always it’s a person who wears many hats and doesn’t have much of a budget or expertise.”
It’s the easily overlooked yet easily exploited security gaps like an unsecured RDP that most worry Moffitt. Without dedicated cybersecurity consulting, these can easily be exploited, yet they are easy to fix.
“Expect to see more attacks against less developed nations. Attacks like this don’t generate revenue, rather they are meant to disrupt and destroy” —Grayson Milbourne, Security Intelligence Director, Webroot
We Want to Hear Your 2020 Predictions
Are these the developments you expect to see to kick off the new decade? Have some other ideas? We want to hear what hacks, news stories, or trends in cybersecurity you anticipate in the New Year. You can read additional predictions from our staff for the year ahead, plus submit your own, on the Webroot Community. Click here to visit the Community and share your 2020 predictions.
