9 月 2023 - 頁3，共11

Healthcare Orgs Warned of Extended Post-Breach Downtime

It’s now common knowledge that successful cyberattacks result in severe consequences for organizations – financial loss, disruptive system downtime, and hefty reputational damage. However, in some industries, these consequences can be even more dire. For example, The Joint Commission, a leading authority in healthcare accreditation, recently advised hospitals to plan for at least a month of post-breach downtime following a cyberattack as part of its new cybersecurity management guidelines.

An Escalating Threat Landscape

In healthcare, a successful cyberattack can compromise patient data, interrupt critical care, and even jeopardize lives. The reliance on the Internet of Medical Things (IoMT) devices and electronic health records makes healthcare systems particularly vulnerable. At the same time, patient data, which is inherently sensitive, is considered incredibly lucrative. Lastly, the healthcare industry is the most likely to pay up during a ransomware attack. This combination of factors makes healthcare organizations high-stakes targets for malicious actors.

As a result, hospital breaches have surged in recent years. For example, August 2023 saw an incredibly destructive ransomware attack on a 16-hospital system based in California. The onslaught caused ambulances to be diverted, outpatient services to close, and emergency departments to shutter. And the bigger picture is even more alarming – US healthcare organizations suffered an average of 1,410 weekly cyberattacks per organization in 2022, up 86% compared with 2021.

Post-Breach Downtime

Three to Four Weeks to Restore Critical Systems

Getting critical systems back online isn’t a quick fix; it’s often a lengthy process. The national adviser for cybersecurity and risk at the American Hospital Association estimates that restoring essential systems can take three to four weeks. And for noncritical systems? Expect an even longer recovery period.

The stakes are high; even a few staff members falling for a phishing scam can set off a chain of events with severe, far-reaching consequences.

In this context, a month-long downtime isn’t just an inconvenience. It’s a critical period where patient care may suffer, and lives could be at risk.

Why So Long?

Three to four weeks of system downtime is incredibly disruptive, especially in an industry with such high stakes. So why does it take so long to restore essential systems?

Complexity and Interconnectedness: Hospitals operate on intricate, interdependent networks that are challenging to untangle or repair. One compromised system can affect several others, making restoration a coordinated and complicated endeavor.
Forensic Analysis and Software Patching: Identifying the scope of the breach and fixing security vulnerabilities is a meticulous process. It involves not just a deep dive into what happened but also patching software flaws, which can be especially time-consuming if specialized or custom software is involved.
Hardware and Data Integrity: Cyberattacks can corrupt both hardware and data. Replacing or repairing hardware and verifying data integrity are labor-intensive and time-consuming tasks, often requiring specialized expertise.
Compliance and Legal Obligations: Restoring systems isn’t just a technical challenge; it’s a legal one. Hospitals must adhere to strict regulatory guidelines when handling breaches, including patient notifications and coordination with authorities, which divert resources and add time to the recovery process.
Patient Safety Concerns: The foremost priority is ensuring the restored systems are functional and safe for patient care. Rigorous testing is required before these systems can be put back into operation, adding an additional layer of time and caution to the process.

How Healthcare Organizations Fall Victim to Cyberattacks

Phishing

Phishing is a significant weak point. In these attacks, cybercriminals send seemingly legitimate emails that may mimic the appearance of trustworthy sources like medical suppliers, governmental health agencies, or internal departments. These emails often contain malicious links or attachments. Once an employee clicks on these, they may inadvertently provide access to sensitive data such as patient records or login credentials.

Because healthcare workers are often under time pressure and may lack comprehensive cybersecurity training, they are more susceptible to falling for phishing scams. This makes it easier for attackers to penetrate otherwise secure networks.

Internet of Medical Things (IoMT)

IoMT devices like patient monitoring systems, MRI machines, and wearable fitness trackers expand the attack surface for cybercriminals.

Many IoMT devices lack robust built-in security measures, making them easy targets. Additionally, these devices are often overlooked during security audits and may not be included in regular network monitoring. As a result, attackers can exploit vulnerabilities in these medical devices to gain unauthorized access to healthcare systems, potentially manipulating device functionality and compromising patient safety. According to Cynerio’s State of Healthcare IoT Device Security 2022 report, 53% of connected devices are at risk of a cyber-attack.

Ransomware Attacks

Ransomware attacks have seen a sharp rise in frequency and sophistication across all sectors, but they are particularly crippling for healthcare organizations. In these attacks, malicious software encrypts essential files and systems, rendering them inaccessible. Data recovery becomes an arduous task, often requiring specialized expertise and tools.

Cybercriminals often favor ransomware attacks over other types of cyberattacks when targeting healthcare institutions for several reasons. First, healthcare organizations manage sensitive and critical data essential for patient care, making them more likely to pay the ransom quickly. Second, the healthcare sector is generally focused on patient care rather than cybersecurity, creating potential vulnerabilities that make ransomware attacks easier to execute. When weighed against the cost and complexity of data recovery, especially during a time-sensitive medical emergency, paying the ransom often seems to be the lesser of two evils, perpetuating the cycle of attacks.

Final Thoughts

Healthcare organizations can’t afford to skimp on cybersecurity. The stakes are incredibly high, ranging from financial loss to endangering lives. Investing in robust cybersecurity measures is crucial to mitigate the risk of attacks and prevent the devastating, time-consuming aftermath of system downtime.

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

Customer service hiring process: the resume that will make you succeed!

If you have that innate vocation to help others, and you have not been able to with the vow of chastity that the Church requires, nor with the hypocrisy of some NGOs, diving into the exciting world of customer service may be the perfect choice for you.

From the hustle and bustle of retail to the charms of hospitality, job opportunities in this field are virtually endless.

No matter what your particular interests are, you can always find a position that fits your short and long-term career goals.

Imagine having the opportunity to make a difference in people’s lives on a daily basis. Like Superman or, in his day, Indurain.

However, we cannot ignore the fact that the field of customer service is highly competitive.

How to make your resume and cover letter stand out from the rest?

The key is to understand the need for a specialized curriculum.

Too often, job seekers settle for a generic resume that they use to apply for any position, with hardly any modifications.

But here’s the hard truth:

Generic resumes rarely achieve success, especially when it comes to customer service positions!

If you really want to stand out, you need to invest time in updating and customizing your resume for each specific position you apply for.

At present, recruiters and management teams are looking for candidates who can actually demonstrate that they adapted their CV and previous experience, with the aim of showing why they are the best candidate for the position.

This means that you should write your goal, work experience, skills, and other sections of the resume from a customer service-focused perspective.

There is no room for duplicate resumes; each must be unique and outstanding.

But how can you achieve that? Don’t worry, we’re here to guide you through the process of writing a resume that will help you stand out from the crowd and get employers’ attention.

*Remember, your resume is your cover letter and a chance to showcase your passion for customer service. Get ready to impress recruiters and open the doors to a successful career in the exciting world of customer service.

For a specialized resume: highlight your most relevant experience

When it comes to addressing the “past jobs” section on your resume, it’s important that you focus on your most relevant experience rather than following the reverse chronological approach.

This strategy is especially useful when your most relevant professional experience is not your most recent position.

How should you address this situation on your resume?

Ideally, your most relevant work experience should appear first in the employment section of your resume, which means, we insist, that you should not follow the traditional reverse chronological order.

An effective way to achieve this is to divide your work experience into two sections:

“Relevant professional experience” and “Other work experience”, for example.

*Yes, I know they look like nondescript titles, but they’re super specific.

De esta manera, puedes resaltar todos tus trabajos relevantes en atención al cliente cerca de la parte superior de tu currículum, donde es más probable que los reclutadores lo noten, mientras utilizas la otra sección para mostrar que también ha tenido empleos estables en otros campos.

That way, you may highlight all of your relevant customer service jobs near the top of your resume, where recruiters are more likely to notice, while using the other section to show that you’ve had stable jobs in other fields as well.

Now, when describing your previous positions, it’s important to refresh your descriptions using industry “buzzwords.”

You know.

Keep in mind that those who review your resume probably won’t have time to read it carefully.

Instead, they will flip through it for relevant information.

This is where keywords become important.

Also, if you have experience using social media to attract customers, be sure to highlight it.

Increasingly, the ability of customer service professionals to manage companies’ social networks, such as Facebook, Twitter, Instagram, and other platforms, is being valued.

Resume customization: the road to success

In job search, each position has its own particularities and requirements.

Therefore, it is essential to tailor your resume and application for a cashier position differently than applying for a retail supervisor position.

While a cashier resume highlights your cash management and problem-solving skills, a supervisor position requires a focus on leadership and communication skills.

When you are looking for job offers in customer service and you decide to apply, one of the best strategies you can follow is to incorporate all the relevant information of the position into your resume.

*For example, if a job ad for a call center representative is looking for candidates who can work in fast-paced environments and solve conflicts, you should tailor specific parts of your resume to show how you reflect those skills.

This may include specific examples of previous roles, where you worked in high-speed environments or situations where you were entrusted with problem-solving.

The more customized your resume is for the position you’re applying for, the better your chances of receiving a call for an interview.

Also, don’t forget to highlight your past accomplishments!

One of the most common mistakes when writing a customer service resume is not emphasizing previous achievements with specific examples.

This is your time to shine, like Elsa in Frozen, and stand out from the rest of the job seekers.

If you successfully led your sales team, achieved first place in regional sales, or if you received a customer satisfaction award in a previous job, this is something you should definitely include in your resume!

Dedicate a specific section at the end of the resume to highlight special awards and recognitions, and take advantage of the spaces in each job listing to include particular examples of your accomplishments.

Highlighting your job stability and relevant training in the curriculum

In the competitive field of customer service, job stability is an increasingly valued factor by companies.

With such high turnover rates, highlighting your track record of staying in previous positions can make all the difference compared to other candidates with similar skills and experience.

If you’ve worked at a company for several years, take this opportunity to highlight your commitment and reliability on your resume.

*Devote a special section to highlighting your job stability, especially if you’ve been in a position for an extended period.

This will show potential employers that you are someone they can trust and that you have the ability to maintain a long-term relationship with a company.

In case there are gaps in your employment history of more than five years, consider including only the last five years of work experience to avoid highlighting those gaps, especially if your previous jobs are not directly related to customer service.

Also, don’t forget to mention the relevant courses and studies you’ve taken!

Even if you haven’t earned a degree, you can still list the college courses you’ve completed as “relevant courses.”

Examine the classes you have taken and select those that are relevant to customer service work.

For example, a communication course or a foreign language can be very valuable in dealing with customers who speak different languages.

Briefly explain how these courses have helped you develop specific skills in the field of customer service, such as conflict resolution and effective communication.

Resume submission and format

Proper presentation and formatting of a customer service resume are crucial elements in capturing the attention of recruiters and standing out from the competition.

It’s essential to consider both length and design to ensure your resume is effective and conveys information clearly and concisely.

First of all, you should keep in mind that recruiters usually spend little time reviewing each resume.

*Therefore, it is advisable to keep your resume on a single printed page.

Avoid the temptation to include all the details of your previous work experiences.

Instead, focus on the most relevant and outstanding aspects of your journey.

The logical format of your resume is equally important.

Start with your contact details, such as your name, phone number, email address, and home address.

Next, consider including a short statement of objectives expressing your interest in the specific position you are applying for.

This can be especially helpful when applying for a position at a company that is hiring for multiple roles simultaneously.

Subsequently, present your relevant educational and work experience, highlighting those roles and responsibilities that demonstrate your skills in customer service.

Remember to tailor this section to each position you apply for, emphasizing tasks and accomplishments that align with each employer’s specific requirements.

*A list of specific skills could also be very useful!

Include competencies that are relevant to the customer service role, such as problem-solving skills, effective communication, and focus on customer satisfaction.

Also, if you have outstanding awards or recognitions, you can mention them in a separate section to highlight your past achievements.

As for references, unless specifically requested in the application, it is not necessary to include them in your resume.

Instead, you can indicate that references will be available upon request.

Conclusions

If you are looking for an exciting and rewarding career in the field of customer service, it is important that you stand out from the crowd of applicants.

Do not settle for a generic resume, but invest time in customizing it for each position you apply for.

Remember that recruiters are looking for candidates who demonstrate that they adapted their experience and skills to customer service.

Highlight your most relevant experience and use relevant keywords to capture employers’ attention.

Customize your resume for each position, highlighting the specific skills that are required.

Don’t forget to highlight your past achievements and awards received, as this can make all the difference.

In addition, job stability and relevant training are valued aspects in the field of customer service.

Highlight your history of staying in previous positions and mention the relevant courses and studies you have taken.

Finally, pay attention to the presentation and format of your resume.

Keep it on a printed page and organize it logically.

Start with your contact details, followed by a mission statement and your relevant educational and work experience.

Highlight your skills and mention outstanding awards and recognitions in separate sections.

So get off the couch and get ready to impress recruiters and delve into the exciting world of customer service!

With a personalized and well-presented resume, you’ll be one step closer to achieving your dream career and making a difference in people’s lives every day. Just like Wonder Woman!

Good luck and come back to this article to leave a message if you made it!

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

Pandorafms 2023

The AI race: will you adapt or fall behind in business automation?

Many organizations are at a critical crossroads in the race toward AI-driven automation. The allure of AI is irreristible. It promises greater efficiency, higher productivity, and streamlined operations. But, as with any technological revolution, the question is whether it’s a necessity or just a trend.

We talked to Shawn David, an AI expert, about why companies must adapt to AI automation to survive and boost their productivity. We also discussed the potential risks AI technologies entail.

Shawn David has degrees in computer science and organizational leadership. He found his passion in automation while working at a marketing agency. He now runs “Automate to Win,” educating entrepreneurs on using AI to enhance productivity and efficiency.

At a glance: insights from this interview

Benefits of AI for organizations: how AI enhances efficiency and productivity through automation?
Strategy for adopting AI: what’s the best plan for implementing an AI-based tool?
Data safety & AI: how to ensure your assets are safe with AI-based technologies?
AI-powered decision-making: how AI can help make informed decisions?
AI integration across industries: how AI automates tasks across various sectors?
Risks regarding AI: what’s the best approach to the adoption of AI?

Benefits of AI for organizations

NordLayer: Shawn, generative AI tools like ChatGPT and Midjourney are now on everybody’s radar, and some organizations have already successfully deployed them. What are the benefits of using AI for businesses?

Shawn David: There are many benefits, but first of all, AI greatly improves business efficiency and productivity, particularly in automation. Employees can swiftly spot patterns and segments in large datasets, saving them from the manual analysis of thousands of lines of spreadsheets. This speed and accuracy can help combat fatigue and reduce errors. For example, creating a presentation deck can take 20 minutes instead of five hours.

By automating manual and repetitive processes, businesses can focus on understanding their workflows and automating the right processes. The essence is in deploying automation identifying and optimizing processes for reliable outputs. It’s the bread and butter of AI-driven automation, which, done properly, helps businesses achieve greater efficiency, higher productivity, and more reliable results.

NordLayer: You said repetitive jobs would be automated. And interestingly, Gartner predicts that 40% of such tasks we do now will be automated by 2030. What are the business implications of adopting AI?

Shawn David: I can highlight an example from an agency’s context. This agency conducts more than 2,000 A/B tests annually across various clients. Now, imagine streamlining this and automating the mechanism. Whatever time and workforce you save can be entirely freed up. Also, assuming the agency’s billable rate is $300 per hour and the average time spent on this particular task is almost five hours, the annual gain amounts to $2.7 million. What’s remarkable about AI is that this isn’t just a cost-saver. It’s a strategic asset that fuels growth, boosts profits, and eliminates repetitive tasks.

Strategy for adopting AI

NordLayer: Indeed, it’s remarkable, but the question is how to start with AI in business. Can you explain your three-step strategy for organizations looking to leverage AI?

Shawn David: Think of the first step as testing things out. You must step beyond your usual methods and rethink how you use AI. Even I, with two decades of systems engineering, had to adjust my thinking after about six months of working with it.

Consider three generative AI models: Claude, Bard, and ChatGPT. Think of them as three different ovens, each baking the same cake but with unique qualities and results. You are the chef here.

And now, the idea is to use AI to create a recipe for optimizing your business. Start with the end goal. AI will show you how to use the ingredients (your data and processes) to reach that outcome. Remember that you can hire a professional if you’re unsure how to use AI effectively for your specific needs.

NordLayer: First, you pinpoint your business needs with AI. What’s the next step?

Shawn David: You use AI with your data in the second step. There are two paths here: public Large Language Models (LLMs) like Bard and Claude are great for answering questions you already grasp. Imagine the result you desire. For instance, getting insights from 12,000 PDFs. The beauty is LLMs understand what you ask.

In the third step, you apply AI to your business processes. Now, avoid the DIY route. There are professionals who can handle this for you. Also, building a customized AI tool will help you secure your data by providing a more advanced and proactive approach and preventing unauthorized access to sensitive information.

NordLayer: Let’s explore a practical scenario. Say I’m a healthcare business with around 60 employees, and I’m aiming to develop a secure AI tool.

Shawn David: Absolutely, building a safe AI tool involves a step called vectorization, which is like having a super-smart assistant. It studies content, creating connections and context within data. For example, when we think of “jaguar” and instantly associate it with “Kitty Cat” or “English car.”

If you have sensitive data, like personal information, create an isolated database, keeping it safe from outside networks. Then, use your natural language processing on this database without directly linking to an AI model.

As you invest in vectorization, you eliminate complex translations between humans and machines. Encoded vectors carry meaning, easily understood by AI. This ensures clear communication, fostering secure and context-aware AI tools.

In summary, for goals like healthcare data privacy, vectorization empowers secure, efficient, and direct interactions with AI systems.

NordLayer: Certainly, understanding risks is crucial. Are there downsides to deploying a customized AI tool for businesses?

Shawn David: One concern is not fully knowing how it works and blindly trusting its results. There’s a risk when you get output without clarity on the process. Let’s look at an example. Imagine you purchase a natural language processing system for your company. You feed in data, which tells you 51 to 85-year-old females have a 97% conversion rate. But it might hide the idea that grandmothers are buying kids’ presents, leading to wrong business decisions based on misleading info.

To avoid this, you need to understand the AI’s mechanism. Talk to engineers, ask about biases, and get answers. If not, bring experts or consider adopting open-source solutions in a safe, air-gapped (disconnected) environment. This keeps data secure. It’s like driving a tractor-trailer if you don’t know how you’re stuck. Unlike in your first step, trial and error won’t help here. You need a solid understanding to navigate potential challenges. I advise talking to AI tool developers with the insights for smooth and secure use.

Cyber threats & AI

NordLayer: How do the risks you highlighted align with the ever-evolving landscape of cyber threats, and what challenges arise at the crossroads of AI and cybersecurity?

Shawn David: The emergence of AI-driven attacks has elevated the game beyond the usual culprits like software bugs or human errors. These attacks are woven into the very fabric of algorithms, and fixing them is now a complex puzzle.

Interestingly, despite their sophistication, many AI attacks exploit the same traditional vulnerabilities, such as weak passwords, unpatched software, or social engineering. In simpler terms, AI introduces new threats and uses age-old weaknesses. Strengthening cybersecurity defenses with established measures like strong passwords and multi-factor authentication can indeed create a formidable barrier.

NordLayer: Your insights on AI are intriguing. Shifting gears to the blend of cybersecurity and AI, especially in light of the growing concern surrounding deepfake and video content, what narrative do you see taking shape?

Shawn David: The proliferation of deepfake audio and video content undoubtedly demands our attention. With the rise of the LLMs and the whisper-1 audio-to-text and then training, you can quickly recreate someone’s likeness in real-time audio.

AI can mimic words you never uttered, prompting a quest for alternative validation methods. A human-based certification of any digital communication, perhaps? If AI can 100% replicate my voice and appearance during a Zoom call or run my LinkedIn posts, that’s scary.

NordLayer: So what, in your opinion, is the smartest way to ensure data safety within the realm of AI?

Shawn David: The data that AI feeds on can be twisted around for bad purposes in totally new and unexpected ways. This means we must change how we gather, keep, and use that data when dealing with AI.

Think of it like building your own AI tools in-house. It’s just like creating a strong fortress to safeguard your valuable assets. As I said earlier, adopting open-source solutions in a safe, disconnected environment keeps data secure. My advice is to use a thoughtful approach to AI and cybersecurity. This will help make sure a business remains resilient.

Decision-making and AI

NordLayer: That’s an insightful perspective on cyber threats in the context of AI. Now, let’s delve into AI-powered decision-making. Can you explain what it means?

Shawn David: According to Gartner, by 2025, 95% of decisions involving data will be at least partially automated. AI will improve the speed and accuracy of decisions in three ways.

First, we’ll have human-based decisions, such as medical diagnoses, where machines assist with visualization, but humans make the final call based on ethics, bias, logic, skills, and emotions.

Second, we’ll have hybrid decisions, like in financial investment, where the machine suggests, but the human decides. AI will provide recommendations and analytics for human validation.

Finally, we’ll have full decision automation, as in choosing the next best action for a digital order, where the machine decides using predictions and forecasts. Managing risks is key here, which might involve setting guardrails or keeping a human in the loop.

AI integration across various industries

NordLayer: Now, let’s talk about the impact of AI across various industries. How can different sectors benefit from AI integration?

Shawn David: Absolutely, the potential applications are vast. Industries characterized by routine human interaction or manual tasks are ripe for transformation. Consider roles involving data transposition, low-level content creation, or entry-level graphic design. For instance, I’m developing a system that can replace low-paying content creation gigs on platforms like Upwork and Fiverr. Users can train an AI using their own social media posts, and it will generate content in their style, which can then be refined further. This kind of symbiotic relationship between humans and AI can lead to a more efficient workflow.

Consider facilities like the Cleveland Clinic and the Mayo Clinic, which already utilize AI to monitor patients round-the-clock. Vital signs, such as heart and breath rates, are tracked, alerting medical staff to changes. AI aids in medication dispensing and even assists in medical diagnosis, analyzing patterns in cells that the human eye might miss. Radiology and surgery benefit from AI’s unmatched precision, akin to a drug-sniffing dog that never fails to detect. The potential of AI in healthcare is profound, touching everything from immediate care to complex diagnostics.

NordLayer: It’s interesting how AI’s influence varies across industries. What about the IT industry? Will it also see a significant impact?

Shawn David: Absolutely, even in the IT industry, there are areas that AI can revolutionize. For instance, AI bots can easily handle routine tasks like answering basic customer queries about platforms like GoDaddy or providing guidance on Google or Facebook ad setups. AI can watch and understand training videos, making manual checks unnecessary. This kind of automation can reshape entire sectors overnight. However, it’s important to note that AI adoption in IT is all about efficiency and profit. Open AI’s training data includes questions from users, not as an altruistic gesture, but to improve AI’s performance.

Regarding industries with less potential AI impact, those heavily reliant on high-level creativity or personalized concierge services might not experience significant change. For example, luxury services that thrive on human touch and bespoke experiences may remain less influenced by AI’s reach.

Risks regarding AI

NordLayer: Finally, can we discuss risks for businesses regarding AI?

Shawn David: One of the biggest business risks is falling behind the AI race and losing competitiveness. If you approach automation authoritatively without involving the workforce, it can lead to resistance and chaos. The key is to view AI as a collaborator, like a helpful robot. If people grasp this concept, we’d be in a better place. However, the rush to adopt AI while disregarding ethical concerns can lead to unintended consequences. It’s crucial to strike a balance between progress and responsibility.

NordLayer: Thank you very much for this insightful conversation.

Shawn David: My pleasure.

Before diving into the AI world, consider securing your business’s digital journey. Learn how NordLayer can help you strengthen your defenses.

This text has been generated by a human.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

Nord Security 2023 NordLayer

23.9.1 ‘Voyager’ released

Changes compared to 23.9.0

Bug Fixes

Fixed an issue with Storage Vault configuration if the Object Lock duration was set to zero days
Fixed a cosmetic issue with displaying the wrong file path syntax for Windows devices when editing a Protected Item in the Comet Server web interface

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSP’s, Businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.

2023 Comet

ESET Research: Iran-aligned Ballistic Bobcat targets businesses in Israel with a new backdoor

ESET Research have discovered a new backdoor, Sponsor, deployed by the Iran-aligned Ballistic Bobcat APT group.
Sponsor was deployed to at least 34 victims in Brazil, Israel, and the United Arab Emirates; we have named this activity the Sponsoring Access campaign.
Ballistic Bobcat engaged in scan-and-exploit behavior, as opposed to a targeted campaign against preselected victims. The victims comprise diverse business verticals.
The Sponsor backdoor uses configuration files stored on disk. These files are discreetly deployed by batch files, and deliberately designed to appear innocuous, in an attempt to evade detection by scanning engines.

BRATISLAVA, MONTREAL — September 11, 2023 — ESET researchers have discovered a campaign by the Ballistic Bobcat group, which is using a novel backdoor that ESET has named Sponsor. Ballistic Bobcat, previously tracked by ESET Research as APT35/APT42 (also known as Charming Kitten, TA453, or PHOSPHORUS), is a suspected Iran-aligned, advanced, persistent threat group that targets education, government, and healthcare organizations, as well as human rights activists and journalists. It is most active in Israel, the Middle East, and the United States. Its aim is cyberespionage, and a significant majority of the 34 victims were located in Israel, with only two located in Brazil and the UAE. In Israel, automotive, manufacturing, engineering, financial services, media, healthcare, technology and telecommunications verticals have been attacked.

For 16 of the 34 victims of the newly discovered campaign, named Sponsoring Access, it appears that Ballistic Bobcat was not the only threat actor with access to their systems. This may indicate, along with the wide variety of victims and the apparent lack of obvious intelligence value of a few victims, that Ballistic Bobcat engaged in scan-and-exploit behavior, as opposed to a targeted campaign against preselected victims.

Thus, Ballistic Bobcat continues to look for targets of opportunity with unpatched vulnerabilities in internet-exposed Microsoft Exchange servers. “The group continues to use a diverse, open-source toolset supplemented with several custom applications, including the newly discovered Sponsor backdoor. Defenders would be well advised to patch any internet-exposed devices and remain vigilant for new applications popping up within their organizations,” says ESET researcher Adam Burgher, who discovered the Sponsor backdoor and analyzed the latest Ballistic Bobcat campaign.

The Sponsor backdoor uses configuration files stored on disk. These files are discreetly deployed by batch files, and deliberately designed to appear innocuous, in an attempt to evade detection by scanning engines. Ballistic Bobcat deployed the new backdoor in September 2021, while it was wrapping up the campaign documented in CISA Alert AA21-321A and the PowerLess campaign.

During the pandemic, Ballistic Bobcat was targeting COVID-19-related organizations, including the World Health Organization and Gilead Pharmaceuticals, and medical research personnel.

For more technical information about Ballistic Bobcat and its Sponsoring Access campaign, check out the blogpost, “Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor,” on WeLiveSecurity. Make sure to follow ESET Research on Twitter (today known as X) for the latest news from ESET Research.

Geographical distribution of entities targeted by Ballistic Bobcat with the Sponsor backdoor

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

ESET 2023