Cyber Security Insights for Resilient Digital Defence

Macquarie renews security contract with Australian Tax Office

Macquarie Government has announced that it has renewed and extended its agreement with the Australian Taxation Office (ATO) to provide a range of data and cyber security services. It will see the ATO continue to leverage services including Macquarie’s Secure Internet Gateway (SIG), 24x7x365 Security Operations Centre (SOC), sovereign data centre, hyperconverged infrastructure, and cloud services. These services support the secure management of the connection between the ATO’s IT environment and the internet, and protect the financial, personal and sensitive data of Australian organisations and citizens. Since the initial agreement was signed in 2019, Macquarie has facilitated the migration of SIG services as well as supported the ATO’s IT and security teams in relation to SIG services. This support includes the monitoring of digital events on the ATO’s SIG and triage of targeted attacks by Macquarie’s SOC. For the ATO, Macquarie’s SOC provides a full inspection of internet traffic flows, content, and images to meet ATO policies, the government’s Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) controls. Macquarie Government provides SIG and other cyber security services to approximately 42% of the government based on staff headcount. “We’re proud to play a key role in keeping one of Australia’s most fundamental government agencies secure, at a time when Australians are looking for greater assurance their critical government data and the institutions that store and protect it are fully secure,” says Aidan Tudehope, Managing Director, Macquarie Government.

ThreatSpike Red disrupts elite cyber security market

ThreatSpike has announced the launch of ThreatSpike Red, the industry’s first unlimited offensive cyber security service. ThreatSpike Red helps organisations of all sizes to close the cyber security gap by providing continuous unlimited testing and scanning of applications and websites to identify vulnerabilities. The new managed service is said to be the first of its kind to be offered on an affordable fixed-price basis, giving customers full visibility over cost, and making advanced offensive cyber security accessible to more organisations large and small. Compared to conventional pentesting conducted once or twice per year, ThreatSpike Red enables customers to undertake continuous cyber security evaluation, achieving greater depth through red team exercises that live-test defences. This helps companies take control of their cyber security posture, monitor performance, and respond to emerging threats to protect their businesses against cyber attacks and build customer trust. Adam Blake, CEO and co-founder of ThreatSpike, explains, “In today’s challenging digital environment offensive cyber security shouldn’t be just a point-in-time activity, but the high cost of traditional pentesting services means most organisations can only afford to test infrequently, if at all. This creates a high-risk cyber security gap where adversaries have a large window of opportunity to attack quickly. The results can be devastating, from loss of revenue and reputation to compliance failures and enterprise collapse. “ThreatSpike Red disrupts the traditional pentesting and cyber security services market by democratising access to offensive cyber security services through our transparent, fixed-price service. It means not only that more organisations can benefit from offensive cyber security, but also that they can protect their business on a continuous basis. In a difficult economic climate, our solution resolves the tension between security and cost at a time when managing both is critical to business success.” ThreatSpike Red is offered on a per-employee pricing basis for SMBs: • Companies with up to 250 employees: £5k per year • Companies with up to 1,000 employees: £10k per year • Companies with up to 2,000 employees: £15k per year    The service includes initial reconnaissance, vulnerability scanning, security assessment and reporting, together with unlimited red team attack exercises and penetration tests to stress-test systems and determine employee cyber threat awareness. ThreatSpike Red is delivered by ThreatSpike’s highly experienced team of security specialists using a combination of manual and automated approaches. ThreatSpike Red exceeds the requirements of NCSC Cyber Essentials certification, ensuring clients can demonstrate a robust approach to cyber security that gives customers confidence. Adam adds, “In our analysis of our work with hundreds of organisations, we’ve established that 70% of employees won’t report receiving a suspicious email to their security team. If a hacker gains access to a single machine in a company, there is a 90% chance it will result in a significant data breach, and the average company can be hacked and ransomed within a single day. On top of this, we find that companies are ill-prepared to respond to new threats and vulnerabilities, meaning they can be hacked before they even knew there was a risk. That’s why continuous offensive cyber security is so critical - it closes the gap and shrinks the window of opportunity for attackers. “By making offensive cyber security accessible to a larger group of organisations, ThreatSpike aims to help raise the level of cyber security performance across the board, limiting attacker opportunity and ensuring clients protect their customers, reputation, and revenues.”

Three steps to protect your organisation from wiper malware

By Florian Malecki, Executive Vice President of Marketing, Arcserve Wiper malware is an alarming threat to corporate data. Unlike ransomware, which can encrypt and disable your files until you pay a ransom, wiper malware aims to delete your data permanently and cause as much destruction as possible. Once it infects your system, it will make your data completely unrecoverable. This type of malware is hazardous because it offers no possibility of recovery by paying a ransom. Wiper malware has grown more common in recent years, with several high-profile attacks making headlines. The WannaCry attack in 2017, which affected hundreds of thousands of computers worldwide, is believed to have been a wiper attack. Other notable recent wiper attacks include Olympic Destroyer in 2018, targeted at the Winter Olympics in South Korea, and ZeroCleare in 2020, targeted at the energy and industrial sectors in the Middle East. Even the infamous Sony Pictures hack was a wiper attack. Wiper malware is also a weapon of cyber warfare. As the conflict between Russia and Ukraine continues, Ukraine has seen a withering barrage of wiper attacks. In the first half of 2022, seven new wiper variants were used in campaigns against private, government, and military organisations. Indeed, there have been wiper malware attacks in 24 countries beyond Ukraine, with some of these attacks targeting critical infrastructure using disk-wiping malware. One of the fundamental challenges in dealing with wiper threats is that they’re very often difficult to detect and contain. Unlike other forms of malware, which usually come with signs of their presence, wipers erase all traces of themselves once they have completed their destructive work. This makes it difficult for IT security professionals to respond to these attacks and prevent them from spreading. Organisations must implement robust, multi-layered security measures, including regular backups of critical data to defend against wiper threats. It’s also essential to maintain a strong security posture and be alert to signs of a potential wiper attack. Here are three steps your organisation can take to minimise your risk of falling victim to these destructive attacks: Backup your data The importance of backing up your data cannot be overstated when defending against wiper malware. While backups can’t prevent an attack from occurring, they provide a lifeline for restoring compromised data caused by wiper malware - or any other type of attack. By properly managing your backups, you can ensure you have copies of your data that are separate from your production systems. Should wiper malware, ransomware, or any other malware strike the active IT environment, your business can turn to its backups, stored on an immutable storage solution, for restoration. Not only is restoring from backups more cost-effective and faster than paying a ransom to recover data, but it’s likely your only recourse in a wiper attack because paying a ransom is usually not an option. Follow the 3-2-1-1 rule A 3-2-1-1 data-protection strategy is a best practice for defending against malware, including wiper attacks. This strategy entails maintaining three copies of your data, on two different media types, with one copy stored offsite. The final 1 in the equation is immutable object storage. By maintaining multiple copies of your data, you can ensure that you have a backup available in case one copy is lost or corrupted. It is imperative in the event of a wiper attack, which destroys or erases data. Storing your data on different media types also helps protect against wiper attacks. For example, you might keep one copy of your data on a hard drive, another at a cloud-based storage service, and the third on a removable drive or tape. This way, if one type of media is compromised, you still have access to your data through the other copies. Keeping at least one copy of your data offsite, either in a physical location or in the cloud, provides an additional layer of protection. If a wiper attack destroys on-site copies of your data, you’ll still have access to your off-site backup. The final advantage is immutable object storage. Immutable object storage involves continuously taking snapshots of your data every 90 seconds, ensuring that you can quickly recover it even during a wiper attack. This next-generation data-security tool helps to safeguard your information and protect it from loss or damage. Air gap your networks Air gapping is an efficient and effective method for protecting backup data against wiper attacks. There are two types of air gapping: traditional physical and logical air gapping. Physical air gapping involves disconnecting a digital asset from all other devices and networks, creating a physical separation between a secure network and any other computer or network. You can store backup data on media such as tape or disk, then completely disconnect these media from your production IT environment. Logical air gapping, on the other hand, relies on network and user access controls to isolate backup data from the production IT environment. Data is pushed to its intended destination, such as an immutable storage or custom appliance, through a one-way street and can only be managed or modified through separate authentication channels. The beauty of air gapping is that it renders your data almost invisible to wiper malware attacks, making it nearly impossible for the bad guys to compromise your backups. Final takeaway The increasing spread of wiper malware in the wild is a stark reminder of the dangerous landscape organisations face when protecting their data. A solid, well managed data backup and recovery plan is the key to ensuring data safety in the face of today’s growing array of threats. No matter what tactics cyber criminals may use to disrupt your access to your data, a robust backup and recovery plan will keep your data secure.

Six Degrees welcomes new advisor to its ranks

Six Degrees has appointed Chris Dunning-Walton to its advisory team. Chris joined the Six Degrees advisory team on 1 January 2023. Chris is currently CEO and Managing Partner of Sentients, a boutique international executive search firm that focuses on placing Chief Information Security Officers (CISOs) and other cyber leaders with FTSE 250 enterprises. He is also CEO of InfoSec People, a multi-award-winning cyber security recruitment consultancy, and the founder and Director of CyNam. Chris has worked with a number of premier brands including Admiral Insurance, Dixons, Carphone Warehouse, Aviva, The Economist, Vitality, BAE, BT Deloitte, and KPMG. Chris says, "Cyber threats present as the world's top business risk. It's important that businesses develop strategies that not only seek to improve their cyber security postures, but also their cyber resilience: how technology and processes enable the business to respond when incidents arise. What drew me towards Six Degrees was their exceptional people and portfolio of services, fronted by expertise in hybrid cloud technology and with security at the core of everything they do. I am excited to be working closely with the leadership team of a great business which is committed to enabling its clients to not only survive - but to thrive in these complex times." Commenting on the appointment, Six Degrees CEO Simon Crawley-Trice says, "With the economic outlook we're facing over the next few years, it's more imperative than ever that companies transform their digital strategies to be reliable, resilient and cost-effective. Security must be at the heart of any transformation. Chris has years of experience working with top FTSE brands, helping them to better understand the challenges before them, to mature their cyber strategies, and to secure a return on their cyber security investments. Chris is the right person to work with us as we strive to connect our clients with the solutions needed to protect and grow their businesses."

atNorth appoints Fredrik Jansson to its executive team

atNorth has announced the appointment of Fredrik Jansson to its executive team, as the next phase of significant growth for the business is initiated. Fredrik joins from STACK EMEA NORDICS (formerly DigiPlex) where he held several executive positions including Chief Commercial Officer, Chief Strategy Officer and Chief Marketing and Communications Officer. Under his leadership, DigiPlex’s marketing/communications transformation was internationally recognised by over 20 awards. In addition, Fredrik has been named as one of the 50 Most Influential CMOs globally, an IM100 awards winner and the first ever recipient of Datacloud Awards’ ‘Marketeer of the Year’. Before joining DigiPlex, Fredrik held several leadership roles at Tata Consultancy Services (TCS) in a distinguished career spanning over a decade and over 40 international awards for excellence. During his time with TCS, the firm grew from $1 billion to $16.5 billion in revenue, and from 40,000 to 370,000 employees. His last position at TCS was as Chief Brand Officer, responsible for all brand building activities across 21 European markets. Additionally, Fredrik is globally educated and holds a Master’s degree in Business with university studies in France (INSEAD), UK (London Business School), USA (Harvard, Kellogg; Northwestern and University of Florida), Ireland (Trinity College Dublin) and Sweden (Uppsala University). “Fredrik Jansson joins atNorth at a pivotal time, as the business has already achieved considerable growth in 2022. By bringing on one of the most awarded executives in the industry we aim to amplify our fast paced, ‘scale up’ environment and fuel the next stage of our expansion”, says Eyjólfur Magnús Kristinsson, CEO of atNorth. “Fredrik’s considerable experience in corporate and commercial strategy, as well as marketing and communication transformation, makes him uniquely positioned to help accelerate atNorth’s continued rapid expansion in the Nordic region.” “I am extremely excited to join atNorth, a disruptive force in the world's most advantageous locations for data centres - the Nordics. At this focal point, where the two defining trends of our time - digitalisation and sustainability - meet in the data centre it is clear that there is considerable opportunity for further progression,” says Fredrik. “I am looking forward to working with atNorth’s world class leadership team and fantastic employees in fuelling the next chapter of rapid growth for the business”. atNorth is experiencing strong growth following the opening of its SWE01 data centre in Stockholm in 2022 and the recent acquisition of two data centres from Advania in Finland. The company now operates five data centres in strategic locations across three Nordic countries, with a sixth site to open in Akureyri, Iceland in Q2, 2023.

Vívaro Telecom teams up with MDC Data Centers in San Diego

MDC Data Centers has announced that its new data centre in San Diego will be ready to begin operations in Q2 of 2023. This new location is announced in partnership with Vívaro Telecom, a major Mexican network leader in telecommunications, media, IT solutions, and cyber security with more than 55 years of operations. The new data centre will become the first of its kind in Southern California, and will provide redundant access to the company's fibre-crossing solutions that connect San Diego to the state of Baja California in Mexico with two independent routes, via Otay Mesa and via San Ysidro. With a model proven in different markets, MDC San Diego enters into agreements with new founding members of the site to foster more interconnections to the border and bring better connectivity between the two countries. A data centre built for its customers During an annual customer appreciation event held in Mexico, Juan Salazar, CEO of MDC Data Centers, announced the beginning of physical and technical adaptations at the company's new facility in San Diego, California. Juan expressed his gratitude for the trust shown by MDC Data Centers' customers, and emphasised his commitment to turn MDC San Diego into a neutral interconnection point at the border. Vívaro Telecom joins MDC San Diego as a founding member, highlighting the importance of the site in covering Baja California's need for interconnection and developing solutions that allow breaking the technological isolation of the state with the centre of Mexico. "At Vívaro Telecom, we believe that this new facility is a reflection of MDC Data Centers' commitment to neutrality and customer-centricity. It will expand the company's unique business advocacy to a new strategic market, creating new business opportunities for all participants in the ecosystem," says Gustavo Mario De la Garza Flores, CEO of Vívaro. San Diego is a hub for technology and innovation, but also a key element in MDC Data Centers' strategy to continue promoting its border platform. The new site will provide the infrastructure needed for its customers' growth in local and international markets.

IT industry revealed as the least cyber-secure industry in the UK

The UK IT sector has the highest number of data breaches of any industry, with over 300,000 cyber security breaches in the past year alone. And, with photo sharing apps such as BeReal and Snapchat on the rise, the potential for severe data breaches when these apps are used at work is creating panic across many UK industries. Interested in identifying the sectors most at risk, the experts at Scams.info used data from the 2022 Cyber Security Breaches Survey to identify the UK industries with the most cyber security breaches. Key findings: • The information and communication (IT) industry is the least cyber-secure in the UK, hitting the top ranking with 320,060 data breaches in 2022, and 66.17 average breaches per employee. • The food and hospitality sector is the most cyber-secure, with 5,176 breaches - 60 times less than the IT industry. The UK industry with the most cybersecurity breaches in 2022 RankIndustryNumber of data breaches in the past yearAverage no. breaches per employee1Information/communication320,06066.172Finance/insurance305,78518.453Retail/wholesale (including vehicle sales and repairs)183,50011.514Transport/storage111,6544.985Education106,3658.046Utilities/production55,8623.107Construction54,84711.568Professional, scientific/technical8,3700.519Health, social care/social work7,0100.4210 Entertainment, service/membership organisations6,2380.8511 Administration5,6740.0512Food/hospitality5,1760.04 According to Scams.info, IT employees are over three times as likely to suffer a cyber security breach than those in the finance and insurance industry (18.45 average breaches). This adds up to IT employees potentially suffering cyber breaches at least once per week each, on average. Food and hospitality industry is the most cyber-secure Scams.info also found that, in 12th place, the food and hospitality industry is the most cyber-secure of all sectors observed, with only 5,176 data breaches in the past year, equating to a miniscule 0.04 breaches per employee. This is a 314,884 drop in data breaches when compared to the IT sector, and 498 fewer annual breaches than the administration and real estate sector in 11th place. Web development and cyber security expert, Ledi Sallilari, from the SEO consulting firm Reboot, offered the following tips on the best ways businesses and employees to protect themselves from data breaches at work: • For tech and remote-based industries, the importance of cyber security training is invaluable. Implementing safe practices when working online can play a vital part in keeping the data of your company, clients and employees safe from attack. • The main cause of online security breaches can be largely put down to human error. Avoid easily guessable passwords that use identifying information (such as your dog’s name), and opt for the longest passwords possible. If there is an option for your password to be between eight and 24 characters, go for 24. • Be aware of phishing attacks, and do not open any emails you do not recognise. Some hackers may even impersonate your boss, so it’s always best to double check directly with the alleged sender themselves before actioning anything from a suspicious email.

Lenovo unveils next generation of smart infrastructure solutions

Lenovo has unveiled 25 new ThinkSystem and ThinkAgile server and hyperconverged solutions powered by Intel’s fourth generation Xeon Scalable Processors as part of its Infrastructure Solutions V3 portfolio. Designed to help accelerate global IT modernisation for organisations, the integrated solutions deliver advanced performance, efficiency and management capabilities specifically optimised for complex workloads, including mission-critical, AI, HPC and containerised applications. “In today’s business climate, modern infrastructure solutions that generate faster insights and efficiently enable complex workloads from the edge to the cloud are critical,” says Kamran Amini, Vice President and General Manager of Server and Storage, Lenovo Infrastructure Solutions Group. “With the performance and management improvements of the Intel-based ThinkSystem V3 portfolio, customers can reduce their IT footprint by up to three times to achieve greater ROI and easily transform their infrastructure with one platform designed for today’s AI, virtualisation, multi-cloud and sustainable computing demands.” As global data proliferation continues, businesses need a new IT architecture that spans client-edge-network-cloud-intelligence to help them innovate to meet ever-evolving customer needs. The next generation of Lenovo ThinkSystem and ThinkAgile servers and storage with Intel Xeon Scalable processors feature built-in accelerators that can help achieve efficient utilisation and power efficiency across the fastest-growing workloads that businesses depend on. Additionally, the portfolio provides a unique open architecture with advanced management, reliability and security to help companies of all sizes work across diverse clouds while leveraging existing IT environments. Doubling performance for mission-critical workloads The next generation of Lenovo solutions with Intel Xeon Scalable processors accelerate data networking, AI inference and analytics, delivering improved performance to help businesses better manage, process and analyse the explosive growth of data. As the data demands for today’s businesses exponentially increase, the new ThinkSystem and ThinkAgile V3 servers are designed to more effectively power today’s most demanding workloads across all industries, including in-memory databases, large transactional databases, batch processing, real-time analytics, ERP, CRM, legacy system replacements and virtualised and containerised workloads. The portfolio also enables faster system configuration setup compared to the previous generation with enhanced XClarity Controller (XCC2) software. Solutions, like the new ThinkSystem SR850 V3, deliver the high performance, reliability and versatility needed to tackle high-intensity workloads in a dense, four-socket 2U design, enabling businesses to quickly respond to expansion needs such as increased data management across manufacturing, healthcare and financial service applications. The server features predictive failure analysis, light path diagnostics and embedded tamper detection to avoid application failures and downtime for more secure data centre operation. Greater performance, less power consumption with new Neptune systems Cooled by fifth generation Lenovo Neptune Direct Water-Cooling technology, Lenovo’s new ThinkSystem SD650 V3 and SD650-I V3 servers extend Neptune efficiency to a new generation of systems that enable customers to reduce power consumption up to 40%. Lenovo has extended liquid cooling beyond CPUs and memory to PCIe, storage, and GPUs and more. The new systems leverage Neptune cooling for High Bandwidth Memory (HBM) on select models, providing HPC applications up to four times more memory bandwidth and delivering up to 2.8 times generational performance improvement. HPC users will now have the latest generation Intel Xeon Max Series CPUs with HBM and Intel Data Center Max Series GPUs, all cooled by Lenovo Neptune. HPC workloads utilise system resources at higher levels, over longer periods of time. Lowering a supercomputer’s power usage without sacrificing performance comes with many benefits. Every watt of electricity consumed is converted into heat, which must be removed. In air-cooled systems, heat is removed by system fans, requiring more power. With Neptune, liquid removes the heat, negating the need for power-consuming fans. This allows HPC users to attain greater performance while reducing the energy consumed and the environmental impact of the data centre. From Exascale to Everyscale, Lenovo is committed to enabling organisations of all sizes access the next era of supercomputing technologies to help them solve humanity’s greatest challenges. Enabling scalable and secure cloud agility for the modern IT era Lenovo is accelerating edge-to-cloud deployment with turnkey solutions to enable a smarter digital transformation and help customers accelerate their business. The new solutions provide pre-configured, pre-validated and cloud ready systems with built in lifecycle management to address customers’ needs. With the new Lenovo Infrastructure Solutions V3 portfolio, businesses can use a solution to grow and manage cloud platforms at scale, while providing consistent cloud services. By 2027, Gartner predicts that more than 90% of organisations will be running containerised applications. Orchestrators enable deployment automation at scale and are quickly becoming a requirement in many organisations to support the dynamic nature of modern cloud-native applications. Lenovo’s open cloud approach allows for Kubernetes platforms and application services for container orchestration and delivery of cloud-native applications, enabling greater utilisation of hardware infrastructure while improving operational efficiency. The new Lenovo ThinkAgile V3 HX, MX and VX hyperconverged infrastructure solutions are available via TruScale Infrastructure as a Service for ultimate flexibility. Customers can combine the convenience of a cloud-like experience with the security and control of traditional on-premises solutions. With Lenovo Open Cloud-Automation (LOC-A) integrated software, deployment, provisioning and managing container infrastructure becomes effortless, enabling businesses to accelerate rollout with up to 81% faster deployment than standard IT, thereby increasing the time to revenue by average of 25%. For example, the Lenovo Cloud Native Solution for VMware Tanzu on ThinkAgile VX enables organisations to run and operate modern infrastructure with stability at scale while managing containers and virtual machines from the same control plane, improving resource utilisation and shortening container development cycles. The Lenovo Infrastructure Solutions V3 portfolio provides enhanced ThinkShield security and IT resiliency through an additional isolation layer of immunity against unauthorised access and malicious attacks. Lenovo’s Modular Root of Trust helps protect, detect and recover from cyber attacks and digital compromises with bolstered tamper detection and monitoring embedded into the chip design, while Lenovo System Guard ensures heightened security between manufacturing, delivery and deployment with advanced hardware monitoring.

The Agriculture and Horticulture Development Board takes its disaster recovery to pastures new

The Agriculture and Horticulture Development Board (AHDB) has planted an advanced and robust IT disaster recovery (DR) systems in its Warwickshire headquarters, after appointing virtualDCS to design, implement and manage the solution. The innovative system has been named the Business Continuity/Disaster Recovery (BC/DR) Project of the Year at the 2022 Storage, Digitalisation and Cloud (SDC) Awards. The AHDB is a statutory levy board, funded by farmers, growers, and others in the food supply chain to help the industry succeed in a rapidly changing world. The organisation’s aim is to create a world-class food and farming industry in the UK. Jamie Blakeman, IT Support Manager at AHDB, explains, “When it came to procuring a new disaster recovery solution, we knew we wanted a robust DR plan, with a system that would offer minimal recovery point objectives (RPOs) and recovery time objectives (RTOs), as well as using some of the best technology available. Ultimately, being able to access our data quickly and easily, and under any circumstances, was a key requirement. “Potential suppliers were sought through G-Cloud, which is the government framework that enables the public sector to procure IT services via the Digital Marketplace. virtualDCS was selected because the company could provide a robust DR solution, with very low RPOs, through its single CloudCover service. “The new system was up and running in a matter of weeks. After the hardware racking was completed and software was installed, most of the installation and configuration was done remotely and the longest part was synchronising the data. “Our old solution was a dated product as well as being difficult and complicated to use. Now we know that data, files and systems can be quickly restored.” Kerri Milburn, Project Delivery Specialist at virtualDCS, says, “To win an award for this bespoke and innovative solution is a huge coup for everyone involved, as well as reinforcing to AHDB how robust the system is. “The challenge of protecting data has never been greater, with it held in local sites, on public clouds and SaaS solutions. This project was novel as AHDB wanted to protect backup data and provide DR for these scenarios, but they didn’t want their protection on the public cloud. “In addition, it needed to be a secure and disaster proof backup and recovery system that offered native, near-time replication, as well as being easy to use, meaning in the event of an incident, they have the freedom and autonomy to immediately invoke it themselves. “Our CloudCover solution allows them to protect and replicate their data from on-premise and Azure servers, as well as Microsoft 365. It offers full backups and near real-time failover of their systems, as well as protecting against ransomware and other cyber nasties. “By bringing top-tier applications together, we can provide fast and reliable offsite protection. The solution protects both the onsite and public cloud workloads to the DR site in question, across different locations with ease, as well as providing the desired RPOs and RTOs. This gives AHDB peace of mind that they can failover to replica virtual machines on our platform with minimal user interruption.”

Crashing markets result in record number of crypto heists

Besides a prolonged bear market, the crypto space is battling another plague of heists targeting different products in the sector. The number of crypto industry thefts has spiked, contributing to the significant loss of investor funds. In particular, according to data presented by Finbold, in 2022 the number of cryptocurrency related heists hit 190 as of 9 December, representing a growth of 43.93% from last year's figure of 132. In 2020, 50 incidents were recorded, while in 2019, the crypto sector accounted for 41 heists. Notably, the number of heists hit double digits for the first time in 2018 at 38, a record growth of over 320% from the 2017 figure of nine. The lowest number of incidents was recorded in 2011 at four. At the same time, the value lost in heists has varied over the years, with the top 10 incidents leading to an accumulative fiat value loss of $4.28 billion. The March 2022 Ronin Network (Axie Infinity) heist ranks top with $620 million stolen, followed by Poly Network at $610 million. The Binance hack of October 2022 resulted in a loss of $570 million, followed by Coincheck at $532 million. The recent FTX crypto exchange collapse ranks in the fifth spot at $477 million, while the infamous MT Gox incident occupies the sixth spot overall at $470 million. Other high-profile heists include Wormhole ($326 million), KuCoin ($281 million), PancakeBunny ($200 million), and Bitmart ($196 million). Drivers of crypto heists The report also identified some factors driving the increasing number of heists in the crypto space. It says: “Indeed, hackers are taking advantage of the cryptocurrency sector's infancy stages to initiate the heists by leveraging sophisticated techniques, such as using multiple wallets and exchanges, to obscure their tracks and make it more difficult to identify them. In this line, the anonymity and lack of regulation in the cryptocurrency market partly make it easier for hackers to operate without being detected or traced.” Overall, bad actors are likely to continue innovating means of exploiting vulnerabilities in the crypto space. However, the number of incidents will likely drop with an increased focus on the right regulatory approaches and keen consideration for security measures.