Acuity Insurance reports ongoing increased insurance risk for individuals and businesses.

**SHEBOYGAN, Wis., Oct. 13, 2022 /PRNewswire/** — In recognition of Cybersecurity Awareness Month, Acuity Insurance — the sole regional insurance provider rated A+ by both AM Best and Standard & Poor's, with over $6 billion in assets — is reporting an increased need for cyber liability insurance across both personal and business policyholders. From June 2021 to June 2022, Acuity Insurance saw cyber liability insurance claims on its commercial insurance policies increase by more than 50%. For personal policies, Acuity saw more than a 90% increase in cyber claims being reported in 2021 compared with 2020.

"Our lives, homes and businesses are more connected than ever before," said Steve Maliborski, general manager of commercial products at Acuity Insurance. "Being connected leads to a greater risk of cyberattacks, which aren't covered under standard homeowners or business insurance policies."

Acuity experts caution that everyone is at risk — whether you are a small business owner or an individual — as cyberattacks continue to pose a serious financial threat. From 2019 to 2021, cyberattacks were up 50% from the previous year, according to recent research. Wire fraud and gift card scams are two of the most common types of cyberattacks impacting both businesses and individuals, Acuity found.

"Scams involving social engineering are some of the easiest to fall for, as fraudsters exploit a person's trust to obtain money or personal information, which can then be used for unauthorized withdrawals of money," said Bob Hertel, director of personal lines product development at Acuity Insurance. "Cyber insurance can protect you from financial loss caused by wire transfer fraud, phishing attacks, cyber extortion, cyberbullying and more."

While all cybercrimes have a financial impact, fraudulent wire transfers often come with greater losses. Banks are typically not responsible for funds lost as a result of a fraudulent wire transfer inadvertently authorized by the customer. Whether it's a wrongful money transfer by a business or an individual, cyber insurance will help mitigate some of the financial loss caused by these scams.

Although many individuals and companies look to keep their insurance costs as low as possible, adding a cyber endorsement will cost you far less than any cybercrime loss would. At Acuity, the personal lines identity fraud expense and cyber protection endorsement cost just $35 per year, while the average commercial line policy starts at approximately $260 per year.

While the best defense is prevention, you can have peace of mind knowing you are properly covered. Acuity's personal and commercial cyber protection policies contain resources to help minimize cyber risks and protect individuals and businesses. For more information, visit www.acuity.com.

**About Acuity**

Acuity Insurance, headquartered in Sheboygan, Wisconsin, insures over 125,000 businesses, including 300,000 commercial vehicles, and nearly a half-million homes and private passenger autos across 30 states. Rated A+ by AM Best and S&P, Acuity employs over 1,500 people.

**SOURCE:** Acuity Insurance

Acuity Reports Increase in Cyber Liability Insurance Claims as Cybercrime Skyrockets

Once overloaded, our brains can't process information effectively, performance decreases, and even the simplest of tasks seem foreign.

It is safe to say that we all have a memory that makes us smile or gives us a good laugh. Or a memory that reminds you of how far you or a friend have come and gone over the years, especially in a profession as complex as cybersecurity.

This memory brings me back to a week-long red team/blue team exercise: a "friendly" defend-the-castle scenario between classmates. By friendly, I mean we set out to obliterate our networks (in good fun, of course). The week started great. Our team had a few easy wins and gained shell access on several target systems (deleting System32 is a great way to annoy your opponents). But as the week went by, things started to fall apart. Everything made sense, and then it didn't. Data began to blur together, and tasks felt repetitive. Someone threw out an idea, while someone else wanted to argue. There came the point where I caught myself slumped over, staring at my keyboard. Not a single thought could process in my head. Finally, I hear, "Hey, this looks strange." During this phase of the exercise, hearing that statement was like music to our ears.

Our team seemed to snap out of our daze in unison and huddled around our teammate's monitor. He explained what he saw, and we reviewed the packet capture together. "How long have you been monitoring this IP address?" one classmate asked. "For a few hours!" he responded. "That's your IP. You were monitoring you, monitoring them." The room fell silent for a few moments then we all laughed (including him).

I think about that memory often. Mind you, this was a knowledgeable person whom I highly respected. But I could see it on his face that he was burned out. This brings up a great lesson to remember in any profession, especially cybersecurity — our minds can do amazing things, but we must be aware of cognitive overload. When our working memory is overloaded, we can no longer process information effectively, we experience decreased performance, we can make detrimental mistakes and judgments, and even the simplest of routine tasks can seem foreign.

For example, I was on a mission where I parsed billions of network events. The amount of information was enough to make my head hurt. It was like trying to find the needle in the haystack. I was reading the information on my screen, but I wasn't absorbing the content in ways that I usually would. Fields and metadata of each event became indistinct, like looking at the last line of an eye exam chart. My thinking capacity was full, and unlike computers, we cannot add more RAM or plug in an external hard drive to our brains.

Cognitive overload goes even further in that it can affect our emotional well-being. When we are emotionally well, we can produce positive thoughts and adapt to challenging situations. This is imperative when facing the dynamic cybersecurity domain where the stakes are incredibly high. I have had days where I simply felt defeated. My head would fill with negative thoughts that caused even more stress:

_"__Maybe I am not good enough.__"_

_"__I don’t know what I am doing.__"_

_"__I am going to get in trouble.__"_

All these things weren't true, but they were true to me at the time. I couldn't sleep at night, and my thoughts followed me to work. The trickle-down effect that stems from cognitive overload is vicious and unrelenting.

**Tips for Avoiding Overload**

Here are some of the most important things I have learned over the years as a cybersecurity professional about reducing cognitive overload. 

*   Know when to ask for help. Be concise and specific, or you'll never get the help you need.  
*   Speak up for yourself. Voice your opinions about important topics, such as heavy workloads or outdated procedures.  
*   Sometimes, looking at tasks with fresh eyes is the best answer. On several occasions, I have found myself seeing what I _wanted_ and not what was in front of me.  
*   Try to focus on one task at a time. Wandering thoughts are a natural part of how our brains work and can quickly cause us to draw our attention in different directions.  
*   It is hard to see the entire picture when you are standing in it. Take the time to self-reflect and attend to your needs.

Whether in the military or private sector, I have always been surrounded by selfless people. I didn't understand the significance at the time, but that red team/blue team exercise helped shape the way I work.

That day, my classmate taught me a valuable lesson — that monitoring yourself (pun intended) is essential to a healthy and successful career, and no, I don't mean using a packet analyzer. When we see ourselves clearly, we have the ability to do great things like accelerating change in our organizations and advancing the cybersecurity profession as a whole.

Care and Feeding of the SOC's Most Powerful Tool: Your Brain

Electric Vehicle Charging Station Leader Certified in Accordance with ISO/SAE 21434 "Road Vehicles – Cybersecurity Engineering".

BACHENBÜLACH, Switzerland, Oct. 11, 2022 /PRNewswire/ -- Juice Technology AG, producer of electric charging stations and software and the market leader in portable chargers for electric vehicles (EVs), today announced that it has received international certification in accordance with the ISO/SAE 21434 "Road vehicles – Cybersecurity engineering" standard.

"Adoption of the ISO standard is the consistent continuation of our three-level concept for security in electromobility, which we presented at our Juice World Charging Day 2021," said Christoph Erni, founder and CEO of Juice Technology AG. "We are once again a step ahead of our competitors and continue our focus on cyber security. Even though this cyber security standard isn't mandatory for suppliers to automotive manufacturers yet, sooner or later it will become a must for the entire industry. We are adopting it today to continue our focus as a strong partner for OEMs."

Increasing interoperability between vehicles, charging stations, energy management systems and network operators conceals a growing risk of outages because disruptions to electronic systems can spread across individual subsystems. Prevention is therefore the easiest way to reduce cyber risks. For charging infrastructure, this means that security aspects must already be firmly established in the design and development phase. This "security by design" approach begins with procurement of the hardware components, continues in software design and includes all communication processes. Generally accepted coding standards, code analysis tools and code reviews contribute to the reduction of risks. Tried and tested practices ensure more effective quality assurance here.

Measures which are defined in the new ISO standard 21434 offer greater security for product developers, OEMs and their suppliers. As an OEM supplier, Juice not only carries out production in automotive-certified factories but also now has the latest certification in cyber security engineering.

The ISO/SAE 21434 standard was published in August 2021 and relates to components, spare parts and accessories for production vehicles. It covers all phases in the life cycle of a vehicle – from development through production, operation and maintenance to recycling. Although infrastructure outside the vehicle is not actually covered by the standard, charging infrastructure, as an inextricably linked part of e-vehicle infrastructure, is directly affected by it.

For more information about the technical features of Juice Technology solutions visit: https://juice.world/en/technical-highlights.

**About Juice Technology**

Juice Technology AG is a globally active producer of charging solutions for electric vehicles. The company's comprehensive product portfolio, featuring AC and DC charging stations ranging from lightweight portable devices to large fast chargers, makes it one of the very few full-range vendors in the industry. Juice has dominated the market for portable 22-kW charging stations since 2014. To find out more about the company, its products and solutions, go to www.juice-world.com. You can also follow us on LinkedIn, Facebook, Instagram and Twitter.

Juice Technology Receives ISO Certification for Charging Station Cyber Security

BELLVUE, Wash., Oct. 11, 2022 /PRNewswire/ -- ControlMap, Inc., the security and compliance automation platform, announced today the launch of the Trust Portal — a unique interface for users to share valuable security information, data, and status with customers. With this new feature, ControlMap supports its mission to help organizations boost their revenue and win new opportunities, especially for the MSP/MSSP community.  

"Since launching the Trust Portal, we've been able to serve our customers and their own vendors and clients better," said Pallav Tandon, CEO of ControlMap. "Our position as a leading compliance platform gives us a unique perspective into the types of tools growing compliance teams need, which is where we've put our focus. We're thrilled to launch this new feature to make our platform more user-friendly and share-friendly."

With the implementation of the Trust Portal, ControlMap will be supporting users of the platform with several new functions, including:

*   The ability to upload compliance framework & audit reports in just a few clicks
*   Add security reports, assessments, and links directly to the portal
*   Showcase real-time controls to existing stakeholders
*   Securely share the portal with prospects and create a public page for prospects to request documentation

In short, the Trust Portal creates compliance alignment across organizations, departments, and teams. For security professionals looking to easily share information without the hassle of cumbersome documents, the Trust Portal provides a seamless solution.

**About ControlMap**

ControlMap was established in 2019 and has helped hundreds of organizations improve their security posture through cybersecurity operations management. The ControlMap SAAS platform is designed to help organizations achieve IT compliance with ease, confidence & reliability. It's the easiest, most complete & turnkey Cybersecurity Compliance Assurance Platform designed for anyone who is starting, looking to scale, or automating their Infosec Compliance & Audit processes.

Learn more at www.controlmap.io

ControlMap Announces the Launch of the Trust Portal, Creating Transparency in Cybersecurity Compliance

Trend Micro research reveals supply chains are key source of risk.

DALLAS, Oct. 11, 2022 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today revealed that 86% of global healthcare organizations (HCOs) that have been compromised by ransomware suffered operational outages.

Most (57%) global HCOs admit being compromised by ransomware over the past three years, according to the study. Of these, 25% say they were forced to completely halt operations, while 60% reveal that some business processes were impacted as a result.

On average, it took most responding organisations days (56%) or weeks (24%) to fully restore these operations.

Ransomware is not only causing the healthcare sector significant operational pain. Three-fifths (60%) of responding HCOs say that sensitive data was also leaked by their attackers, potentially increasing compliance and reputational risk, as well as investigation, remediation and clean-up costs.

Respondents to the study also highlight supply chain weaknesses as a key challenge. Specifically:

*   43% say their partners have made them a more attractive target for attack
*   43% say a lack of visibility across the ransomware attack chain has made them more vulnerable
*   36% say a lack of visibility across attack surfaces has made them a bigger target

The good news is that most (95%) HCOs say they regularly update patches, while 91% restrict email attachments to mitigate malware risk. Many also use detection and response tools for their network (NDR) endpoint (EDR) and across multiple layers (XDR).

However, the study also highlights potential weaknesses, including:

*   A fifth (17%) don't have any remote desktop protocol (RDP) controls in place
*   Many HCOs don't share any threat intelligence with partners (30%), suppliers (46%) or their broader ecosystem (46%)
*   A third (33%) don't share any information with law enforcement
*   Only half or fewer HCOs currently use NDR (51%), EDR (50%) or XDR (43%)

Worryingly few respondents are able to detect lateral movement (32%), initial access (42%) or use of tools like Mimikatz and PsExec (46%)

"In cybersecurity we often talk in abstractions about data breaches and network compromise. But in the healthcare sector, ransomware can have a potentially very real and very dangerous physical impact," said Bharat Mistry, Technical Director at Trend Micro.

"Operational outages put patient lives at risk. We can't rely on the bad guys to change their ways, so healthcare organisations need to get better at detection and response and share the appropriate intelligence with partners to secure their supply chains."

**About Trend Micro**  
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.

SOURCE Trend Micro Incorporated

Quarter of Healthcare Ransomware Victims Forced to Halt Operations

Enterprises seeking asset visibility and security enabled to simplify the procurement process of Armis.

SAN FRANCISCO, Oct. 11, 2022 /PRNewswire/ -- Armis, the leading asset visibility and security company, today announced its availability on Google Cloud Marketplace. This relationship will further enable Armis customers to securely accelerate their digital transformations by scaling solutions, utilizing committed spend, consolidating purchases, and simplifying the overall procurement process of Armis through Google Cloud Marketplace.

According to industry research, CIOs expect their technology budgets to grow by 4.5 percent by the end of this year, a notable increase on the 10-year average of 4.1 percent growth. Cloud computing, cybersecurity, digital transformation, and software updates ranked at the top of the CIOs' priority lists when identifying the drivers of this increased spending.

Google Cloud Marketplace lets users quickly deploy software packages to their Google Cloud environment, with no manual configuration required.

"Google Cloud Marketplace is simplifying the way in which business and security leaders discover, purchase, and manage much-needed cloud solutions, helping to bridge the gap between IT decision-makers and solutions providers, such as Armis," said Jimmy Harkin, VP, Strategic Development at Armis. "We recognized an opportunity to provide customers with much-needed asset visibility through Google Cloud Marketplace. This helps support and secure customers' digital transformation initiatives as these businesses scale. We're extremely excited to be available on Google Cloud Marketplace and are eager to help more organizations seeking our unique expertise."

The Armis Asset Intelligence Platform is an innovative asset intelligence platform providing unified asset visibility and superior security across all asset types, including IT, IoT, OT, IoMT, cloud, and cellular-IoT — both managed and unmanaged. Delivered as an agentless SaaS platform, Armis seamlessly integrates with existing IT and security stacks to quickly deliver the contextual intelligence needed for improving an organization's security posture, without disrupting current operations or workflows. Armis helps customers protect against unseen operational and cyber risks, increase efficiencies, optimize use of resources, and safely innovate with new technologies to grow their business.

"As organizations expand and digitally transform their businesses, they require solutions that help manage the risks associated with managed and unmanaged assets," said Dai Vu, Managing Director, Marketplace & ISV GTM Programs, Google Cloud. "With the Armis platform now available on Google Cloud Marketplace, customers will have great access to cloud solutions and the experts they need to keep their business operations secure as they move along their transformation journey."

The availability of Armis on Google Cloud Marketplace demonstrates the evolution of the relationship between Armis and Alphabet's independent growth fund, CapitalG, which has been an investor in Armis since 2019.

To learn more and purchase Armis on Google Cloud Marketplace, please visit: https://console.cloud.google.com/marketplace/product/armis-public/armis-cloud-marketplace-platform?pli=1

**About Armis**

Armis, the leading asset visibility and security company, provides the industry's first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

Armis Now Available on Google Cloud Marketplace

At Next '22, Google Cloud announces updates to its trusted cloud ecosystem with new Sovereign Solutions initiative and partnerships spanning critical areas of cybersecurity.

SUNNYVALE, Calif., Oct. 11, 2022 /PRNewswire/ -- Google Cloud today announced a significant expansion of its trusted cloud ecosystem, highlighting new integrations and offerings with more than twenty partners focused on enabling greater data sovereignty controls, supporting Zero Trust models, unifying identity management, and improving endpoint security for global businesses.

Global businesses face growing challenges in cybersecurity and data protection, as cyber threats become increasingly sophisticated, hybrid work becomes the norm, and governments adopt new requirements for data sovereignty and control. Google Cloud provides businesses with industry-leading, end-to-end security capabilities to support customers across their cloud and on-premises environments—and today it is announcing a series of partnerships that extend its leadership as an open and trusted cloud.

By embracing its ecosystem of partners, Google Cloud is ensuring that global businesses have choice and flexibility to work with leading cybersecurity vendors and to deliver diverse sets of applications on infrastructure compliant with growing data protection requirements.

"Providing businesses with extensible cybersecurity solutions in the cloud, and a collaborative ecosystem of partners, is the only practical approach to addressing enterprises' greatest cybersecurity challenges," said Sunil Potti, VP, Cloud Security at Google Cloud. "Our partners play a critical role in keeping customers secure and compliant, whether enabling secure hybrid work, safeguarding critical infrastructure, or meeting stringent data residency requirements."

"Success with today's digital business platforms requires a connected and trusted ecosystem of partners to help ensure better security outcomes for customers," said Prem Iyer, VP, GSI and CSP Ecosystems at Palo Alto Networks. "We remain committed to continuing our momentum with Google Cloud, delivering best-in-class solutions that simplify cloud security for our joint customers while improving their security posture."

"The Symantec Enterprise Division and Google Cloud are committed to addressing critical requirements of governments and highly regulated industries to establish sovereignty over data at rest, in use, and in transit," said Rob Greer, VP and GM at Symantec Enterprise Division, Broadcom. "The Google Cloud Ready–Sovereign Solutions program provides Symantec customers with a transparent and flexible approach to meet local data security and privacy laws, across our cybersecurity solutions."

**Bringing partner applications to European sovereign clouds**  
Google Cloud is announcing a new Google Cloud Ready–Sovereign Solutions program to help customers identify partner applications validated to be compatible with Google Cloud's portfolio of Sovereign Solutions, including partner offerings from T-Systems in Germany and S3NS in France. This program will give customers the confidence to continue using applications that are critical to their business while meeting their digital sovereignty objectives.

Today, a diverse group of software partners are committing to validate their platforms for this program, including Aiven, Broadcom (Symantec), Cloud Software Group (Citrix), Climate Engine, Commvault, Confluent, Datadog, DataIKU, Dell Technologies, Elastic, Fortinet, Gitlab, Iron Mountain, LumApps, MongoDB, NetApp, OpenText, Palo Alto Networks, Pega Systems, Siemens, SUSE, Thales, Thought Machine, Veeam, and VMware.

**Expanding Zero Trust architecture with partners**  
Businesses around the world utilize Google Cloud's BeyondCorp Enterprise Zero Trust solution to enable secure access to applications and resources and to safeguard data. In 2020, Google Cloud announced the BeyondCorp Alliance, creating an ecosystem of partners to help enable customers to integrate products and utilize information from leading security vendors including CrowdStrike, Palo Alto Networks, VMware, and more.

Today, Google Cloud is taking a significant step forward in the extensibility of its Zero Trust offerings by partnering with Palo Alto Networks to ensure customers can embrace a ZTNA 2.0 strategy, protecting all users and applications on devices connected across any network.

**Simplifying identity management across platforms**  
Unified identity management is another critical component to secure hybrid work, because it safely eliminates the need to maintain separate user identities across multiple platforms. Alongside its own Identity and Access Management products, Google Cloud is announcing new integrations with ForgeRock, JumpCloud, Okta, and Ping Identity that will automatically extend identity management capabilities and policies to joint customers, adding significant value to investments customers have already made, and helping further secure commonly-used applications.

**Improving endpoint security and operations**  
These partnerships build on Google Cloud's existing ecosystem of endpoint and security operations partners. Strong endpoint protection helps businesses maintain data security while giving their workforces the flexibility to access key applications and information seamlessly across devices, including mobile phones, desktops, laptops, and more. Through its Chronicle Security Operations platform, Google Cloud offers a modern, cloud-first suite that better enables cybersecurity teams to detect, investigate, and respond to threats.

Google Cloud's ecosystem of partners like CrowdStrike, Cybereason, and Fortinet integrate their platforms with Chronicle, ensuring customers have the flexibility and choice to modernize their endpoint security operations.

With the addition of Mandiant to Google Cloud, endpoint partners will also have opportunities to deepen their integrations with Google Cloud's end-to-end security operations suite, with even greater capabilities to support customers across their cloud and on-premises environments.

**Delivering implementation and managed services through systems integrators**  
Google Cloud's top systems integrators including Deloitte will provide implementation customization and managed services for customers, bringing together Google Cloud's capabilities in security analytics, threat intelligence, automation, and SecOps with those of its ecosystem to help customers more quickly prevent and respond to cyber threats.

Learn more about Google Cloud's ecosystem of security partners here.

**About Google Cloud**  
Google Cloud accelerates every organization's ability to digitally transform its business. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

SOURCE Google Cloud

Google Cloud Advances Partnerships with 20-Plus Software Companies Focused on Digital Sovereignty and Cybersecurity

Silent Eight announced an extension to its existing partnership with HSBC to tackle financial crime.

LONDON, Oct. 11, 2022 /PRNewswire/ -- The new service will cover the deployment of Negative News Screening that leverages machine learning to identify individuals who pose a greater risk for money laundering, fraud or terrorist financing. As financial crime continues to present a challenge, banks need to pivot to an increased use of Machine Learning within compliance, and move away from manual processes or alert scoring.

Silent Eights' solution provides a more effective approach to address true matches and resolve the issue of false identifications. With this expansion, Silent Eight will be solving name screening matches across every risk type within HSBC.

"HSBC is dedicated to drive AI innovation in the financial services field, and with Silent Eight's capabilities, we continue our focus on tackling financial crime more effectively and make the industry safer. We are excited to see the value that they will create by integrating Negative News screening into our platforms," said Mark Turkington, Group Head of Financial Crime Detection.

Silent Eight CRO, Matt Leaney, said, "Working with a technology leader like HSBC who is embracing machine learning within compliance is a pleasure for us. It is a true partnership of shared goals and interests, we look forward to deepening our relationship and supporting their goals for many years to come."

**About Silent Eight:**

Silent Eight makes crime bad business and with its banking, insurance and payment partners is responsible for stopping bad actors accessing the financial system Silent Eight leads the world in Artificial Intelligence solutions for the compliance challenges of today and tomorrow. Spanning customers and transactions, covering Sanctions, Adverse News, PePs and monitoring Silent Eight ensures all potential risks are investigated and decided quickly, accurately and consistently.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

HSBC and Silent Eight Expand Machine Learning Partnership

Nexusguard DDoS Statistical Report reveals key attack observations and analysis from the first half of 2022.

SAN FRANCISCO--(BUSINESS WIRE)--In the first half of 2022, the amount of DDoS (distributed denial of service) attacks increased by 75.6% compared to the second half of 2021, according to new Nexusguard research revealed in the company’s DDoS Statistical Report for 1HY 2022. While the total number of attacks did grow, the average (0.59 Gbps) and maximum (232.0 Gbps) attack sizes each decreased by 56% and 66.8%, respectively, during the same period. Notably, application attacks increased a whopping 330% compared to the second half of 2021, and amplification attacks increased by 106.7%.

Single-vector attacks represented 85% of all attacks globally in H1 2022. UDP (User Datagram Protocol) attacks, which quickly overwhelm the target defenses, and HTTPS Flood, which exhaust servers with valid HTTPS requests, were the two most predominant vectors. Nearly four out of 10 (39.6%) attacks were UDP, an increase of 77.5% from H2 2021, and the two groups combined accounted for more than half (55.5%) of DDoS attacks globally. UDP attacks frequently serve as a smokescreen to mask other malicious activities such as efforts to compromise personal identifiable information (PII) or the execution of malware or remote codes.

New to Nexusguard DDoS reports are statistics describing top reflected attack destinations. Reflection attacks spoof the IP address of the target, tricking it to believe it has received an authentic request, typically via UDP, to which the target responds. Nearly three-quarters (74.6%) of all reflected attacks targeted organizations in Brazil and South Korea. Within Europe, the United Kingdom received almost a quarter (24.6%) of all reflected attacks in that region and in the Middle East and Africa, the Seychelles and Saudi Arabia combined received more than half (55.5%).

Stealthy Bit-and-Piece attacks continue to plague ASN-level Communications Service Providers (CSPs) globally, especially internet service providers (ISPs). While 81% of attacks globally were less than a single Gbps, Bit-and-Piece attacks by /24 networks registered minimum sizes of 0.0637 Gbps and a maximum of 123.7 Gbps. By drip-feeding doses of junk traffic into a large IP pool, the traffic remains small enough to evade traditional threshold-based detection, but accumulates to be enough to clog and disable the target.

“Attackers came out of winter hibernation with never-before-seen levels of intent, showing an incredible increase of attacks in Q2 2022 alone and by June, reaching the highest first-half levels since 2018,” said Juniman Kasman, chief technology officer of Nexusguard. “We’ve expanded our DDoS reports to include data on reflected attack destinations and have separated Europe from the Middle East and Africa regions to provide organizations with even more information on DDoS attacks. The wide variability in attack types shown by our latest report demonstrates that companies must remain vigilant in protecting themselves against the risk of DDoS attacks.”

Read Nexusguard’s DDoS Statistical Report 1HY 2022 for more information on attack vectors, stats and trends based on data gathered from CSPs, honeypots, botnet scanning and research on traffic moving between attackers and their targets.

**About Nexusguard**

Founded in 2008, Nexusguard is a leading cloud-based distributed denial of service (DDoS) security solution provider fighting malicious internet attacks. Nexusguard ensures uninterrupted internet service, visibility, optimization and performance. Nexusguard is focused on developing and providing the best cybersecurity solution for every client across a range of industries with specific business and technical requirements. Nexusguard also enables communications service providers to deliver DDoS protection solutions as a service. Nexusguard delivers on its promise to provide you with peace of mind by countering threats and ensuring maximum uptime. Visit www.nexusguard.com for more information.

Nexusguard Research Shows Total Number of DDoS Attacks Increased during First Half of 2022 While Maximum Attack Size Decreased Compared to Second Half of 2021

Resistant AI and ComplyAdvantage launch AI transaction monitoring solution to combat fraud and money laundering.

LONDON, Oct. 11, 2022 /PRNewswire-PRWeb/ -- Holvi, the digital banking service for small businesses, is among the initial group of customers to implement the AI-driven solution to manage their financial crime risk.

Resistant AI, the AI and machine learning financial crime prevention specialists, and ComplyAdvantage, the financial industry's leading source of AI-driven financial crime risk data and detection technology, today announced the general availability of their solution for fighting financial crime across  
the U.S. and Europe.

Financial crime is a multi-trillion-dollar problem. According to the \[United Nations, the estimated amount of money laundered globally in one year is 2 - 5% of global GDP, or 800 billion - 2 trillion US dollars. While the cost of fraud and money laundering to financial organizations and other businesses is significant, the cost and damage to economies and society as a whole is immeasurable.

Adding Resistant AI's capabilities to ComplyAdvantage's transaction risk monitoring platform extends anti-money laundering (AML) and anti-fraud protections offered to financial institutions and other businesses by:

\-- Enabling them to detect previously unknown patterns of behavior and identify new risks faster.  
\-- Delivering alert prioritization so organizations can focus on the highest-risk areas and make the best use of their investigative resources.

With these capabilities, organizations can transition to a more dynamic approach to financial crime that uncovers novel behavior as it happens.

"Effectiveness and efficacy are key to scaling," comments Valentina Butera, Head of AML and AFC Operations at Holvi. "Integrating an AI-driven transaction monitoring solution means we can grow our customer base without growing our headcount at the same rate. With Resistant AI and ComplyAdvantage, we can manage our known risks more efficiently while also identifying and adapting to previously unknown risks."

Martin Rehak, founder, and CEO at Resistant AI, commented, "We are delighted that our joint solution is now available to drive game-changing efficiency gains. Alert prioritization, the ability to make systems more effective and identify previously unknown risks enables the most effective use of investigative resources and ensures a true risk-based approach."

"In a complex, rapidly shifting world, criminals continue to find new ways to exploit financial services to launder the proceeds of their crimes. At ComplyAdvantage, we are passionate about giving our clients the best tools to protect themselves - and their customers - from these bad actors and fight back.

The addition of Resistant AI's capabilities will allow our clients to do just that," said Charles Delingpole, founder, and CEO at ComplyAdvantage.

Today's announcement coincides with the launch of a new thesis paper on AI in transaction monitoring. Co-authored by ComplyAdvantage and Resistant AI, it explores how customers like Holvi can increase the speed and accuracy with which they monitor transactions for fraud and other financial crime risks.

**About Resistant AI**

Founded in 2019, Resistant AI uses AI and machine learning to provide identity forensic solutions that protect automated financial services from fraud and manipulation, including customer onboarding, AML and existing fraud detection systems. The Resistant AI founding team has a deep background in machine learning, artificial intelligence and computer security with more than 15 years of experience applying AI in the computer security domain. Backed by GV (formerly Google Ventures), Index Ventures, Credo Ventures, Seedcamp, and several angel investors specializing in financial technology and security, Resistant AI is headquartered in Prague with offices in London and New York.

Visit resistant.ai to learn more.

**About ComplyAdvantage**

ComplyAdvantage is the financial industry's leading source of AI-driven financial crime risk data and detection technology. ComplyAdvantage's mission is to neutralize the risk of money laundering, terrorist financing, corruption, and other financial crime. More than 500 enterprises in 75 countries rely on ComplyAdvantage to understand the risk of who they're doing business with through the world's only global, real-time database of people and companies. The company identifies thousands of risk events daily from millions of structured and unstructured data points.

ComplyAdvantage has four global hubs in New York, London, Singapore, and Cluj-Napoca and is backed by Goldman Sachs, Ontario Teachers', Index Ventures, and Balderton Capital. Learn more at https://complyadvantage.com/.

Source

DARKReading