There’s no doubt that 2021 will be one of the record books regarding data breaches. The Identity Theft Resource Center (ITRC) reported the total number of data breaches through September 30, 2021, had already exceeded by 17% the total number of events in 2020. The numbers can only go up due to recent zero-day vulnerabilities such as Log4j.
Log4j is a Java-based logging audit framework within Apache. Apache Log4j <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
COVID-19 has dominated headlines for almost two years, and hackers continue to exploit the pandemic in their attacks. In March 2020, COVID-19-related phishing attacks jumped 667%, and then as vaccination programs rolled out, so did the new wave of vaccine-related email threats. The latest omicron variant led to another spike in COVID-19 cases and phishing attacks.
As we begin another year of pandemic living, it’s important to remember that while there have been significant ups and downs in the business environment, the fundamentals for Managed Service Providers (MSPs) have remained consistent. Security is a critical concern, and MSPs that haven’t shifted to a security-centric focus will be left behind.
There are currently 1 million companies using Office 365, and we’ll likely continue to see this number climb as more businesses expand their work-from-home force. Most of us are familiar with why Office 365 has become so popular — quite frankly; it’s just easier.
The theme for Cybersecurity Month this year was ‘Cybersecurity First.’ The point was to underscore the importance of building security into products, processes, workflows, standards, communications, and anything else that touches the internet or some other network.