Make sure to add us or contact us for the latest news
 |
 |
 |
 |
 |
 |
 |
The Week in Breach: Featured – Data Breach Danger Has Majorly Ramped Up for Every Business
Cybercrime has been steadily on the rise throughout the pandemic. Now that we’re starting to see some end-of-the-year numbers tallied, it’s becoming even more apparent that 2020 was a very dangerous year for business cybersecurity – and 2021 isn’t looking much better.
One stunning statistic that hops right out of the Ponemon Institute’s biannual Cyber Risk Index is the estimation that 1 in 4 firms worldwide faced 7 or more serious cyberattacks in 2020. That includes firms of every size – no business is too small to be at risk of a cyberattack. The top security risks within IT infrastructure that were cited by survey respondents were: organizational complexity and misalignment, negligent insiders, cloud infrastructure and providers, skills shortages and malicious insiders
Another important fact to remember: 83% of respondents thought that the chances of an attacker gaining a foothold inside their company’s networks or systems over the next year are “somewhat” or “very” likely. They’re not just being pessimistic – precipitate increases in cybercrime across the board bear this thinking out. The survey goes on to list the risks and types of cyberattacks that most concern businesses: phishing and social engineering, clickjacking, ransomware, fileless attacks, botnets and man-in-the-middle attacks.
Cleanup and recovery from a cybersecurity incident is becoming more expensive too. According to business insurer Hiscox, incident response from cyberattacks can cost businesses $200,000 on average for a single large incident. Even at SMBs, remediation and recovery costs from a data breach can easily climb into 6 figures for even a few small cybersecurity incidents per year – and many companies learned that lesson in 2020.
Just by adding secure identity and access management with Passly, you can add several layers of strong protection to your vulnerable access points, including multifactor authentication, a superstar in security throughout 2020.
Regularly updated security awareness and phishing resistance training using BullPhish ID is essential for every business as well. Companies that engage in regular cybersecurity training (at least quarterly) can have up to 70% fewer cybersecurity incidents each year.
Dark Web ID is another option that may not show obvious value to non-tech savvy companies, but it’s a clutch player for preventing credential compromise from giving cybercriminals an easy way into systems and data by exploiting compromised credentials. The 24/7/365 monitoring can help give clients peace of mind against Dark Web danger.
Experts predict that we’ll see as much as a 40% rise in data breaches in 2021. With this information about the explosion in risk for businesses of every stripe at hand, it’s easy to see why now is the perfect time to evaluate the need to update and upgrade cybersecurity solutions to mitigate these threats. While budgets are universally tight, the cost of just one cybersecurity incident like a ransomware attack will be much higher than the cost of the security upgrades that prevent it.
Don’t hesitate to contact us for assistance. We can walk you through the benefits of our solutions.
The Week in Breach News – United States
United States – Lake Regional Healthcare
Exploit: Ransomware
Lake Regional Healthcare: Hospital System
Risk to Business: 1.919 = Severe
A ransomware attack at this Minnesota healthcare system on December 30 led to impacts in patient care as the hospital was forced to adopt downtime procedures. Most impacted systems have been restored and the incident is under investigation.
Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is an increasingly popular option for cybercriminals looking to disrupt operations to score a quick payday from a much-needed service provider or manufacturer.
IntegraMSP to the Rescue: Ransomware risks are growing every day in every industry. Get your business ready to fight back against ransomware threats with our eBook “Ransomware 101”. CONTACT US FOR MORE INFO>>
United States – OmniTRAX
https://www.freightwaves.com/news/ransomware-attack-hits-short-line-rail-operator-omnitrax
Exploit: Ransomware
OmniTRAX: Short Line Railway
Risk to Business: 2.172 = Severe
Conti ransomware is to blame for a major information theft at OmniTRAX and parent company Broe Group. Although rail and freight operations were not disrupted, proprietary data was stolen. The 70 gigabytes of leaked files presented by the gang include internal OmniTRAX documents and clearly showed that data came from the contents of individual employee work computers. It was not clear if it included data pertaining to OmniTRAX’s rail operations or its customers.
Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business Just one stolen or cracked password can wreak havoc on a company and its subsidiaries, leading to extensive (and expensive) recovery operations.
IntegraMSP to the Rescue: Make sure that just a stolen password won’t open your door with secure identity and access management using Passly that seamlessly integrates with more than 1k apps. SCHEDULE A DEMO>>
United States – Apex Laboratory
Exploit: Ransomware
Apex Laboratories: Consumer Medical Testing
Risk to Business: 1.783 = Severe
Apex Laboratories definitely got a result that they weren’t expecting when DoppelPaymer ransomware popped up on December 15, snatching a large quantity of data. The attack resulted in the exfiltration of thousands of documents containing both protected health information of patients and personally identifiable information of Apex employees.
Individual Risk: 2.166 = Severe
The data impacted is estimated to include patient names, dates of birth, test results, and some Social Security and phone numbers. The company is notifying affected patients. Apex employees and clients should be cautious about potential spear phishing email using this information.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware has been an especially pernicious menace to healthcare targets throughout the pandemic, and that’s not slowing down.
IntegraMSP to the Rescue: Ransomware is almost always the cargo of a poisonous phishing email. BullPhish ID helps companies enlist every staffer in the fight against ransomware. SEE BULLPHISH ID IN ACTION>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.