Make sure to add us or contact us for the latest news
 |
 |
 |
 |
 |
 |
 |
Double Extortion Ransomware is the Gift That Keeps On Giving – to Cybercriminals
Double extortion ransomware is having another moment in the sun as cybercriminals double down on their attacks to double their profits. In this devastating style of attack, cybercriminals aim to get paid twice – once for the usual decryption code to unlock systems and data and a separate fee to not have the encrypted data copied by the gang.
This tactic was in vogue before when it first emerged in late 2019 and spread across the cybercrime landscape. It’s reemerged as a favorite of major gangs including REvil, DoppelPaymer and Clop. Even cybercriminals are working a little harder in this economy, leading to this style of attack trending upward again as cybercriminals look for new ways to expand their revenue streams. Practitioners of double extortion ransomware were responsible for more than 50% of all ransomware attacks in 2020.
Ransomware Continues to Rule the Roost
Ransomware risks show no signs of slowing down, and they’re costing companies a fortune. The average ransomware payment rose 33% in 2020 over 2019, to $111,605. The worldwide cumulative cost of ransomware doubled last year as well, from an estimated $11.5 billion in 2019 to $20 billion in 2020. Insurers felt the pinch too – cyber insurance claims for ransomware attacks increased 41% in the first half of 2020 alone.
All of this translates into huge financial danger for companies in every sector. Healthcare led the pack – An estimated 560 US healthcare targets alone were impacted by ransomware in 2020. More than 45% of cyberattacks against healthcare targets in 2020 were ransomware, but no industry was spared. Manufacturers experienced one-quarter of all ransomware attacks, professional services companies clocked in at 17% and government entities were hit with 13%.
Protection from Ransomware is Priceless
Phishing is the primary delivery source for ransomware, making phishing resistance and defense the cornerstone of a strategy to protect businesses from disasters. There is plenty of room for growth in the area as well – 62% of businesses do not do enough cybersecurity awareness and phishing resistance training.
We’re here to help you find the perfect combination of solutions to protect you and your business from ransomware. Book a meeting with one of our solutions experts now and let’s explore the possibilities. BOOK IT>>
Dark Web ID’s Top Threats This Week
United States – Descartes Aljex Software
https://www.hackread.com/shipping-management-software-firm-data-online/
Exploit: Unsecured Database
Descartes Aljex Software: Shipping Software Developer
Risk to Business: 1.726 = Severe
An unsecured database is always trouble as Descartes Aljex Software discovered this week. 103 GB worth of data belonging to the New Jersey-based company was discovered by researchers after it was left exposed on a misconfigured AWS S3 Bucket. The exposed data contained corporate, client and employee information.
Risk to Business: 1.667 = Severe
An unsecured database is always trouble as Aljex clients’ account data that was exposed included full names, phone numbers, email addresses, Aljex usernames, and plaintext passwords. Carrier information, their full names and email addresses as well as their house addresses and phone numbers were compromised. Client shipment details, shipment information, recipient’s consignee name, shipment origin and destination, addresses, and phone numbers were included in the data that was exposed. Sales representative details were also exposed including full names, corporate emails, Aljex usernames, and sales representative IDs
Customers Impacted: 4,000
How it Could Affect Your Business: Third-party and supply chain risk is growing more dangerous for businesses as the ripple effect of breaches like this fuels cybercrime. Take precautions now to avoid headaches later.
IntegraMSP to the Rescue: Contact us for tips to minimize the impact of this risk and defensive strategies. CONTACT US>>
United States – Guns.com
https://www.hackread.com/hacker-dumps-guns-com-database-customers-admin-data/
Exploit: Hacking
Guns.com: Online Gun Marketplace
Risk to Business: 1.227 = Extreme
An enormous database from Guns.com made an appearance in a hacker forum this week and it’s a major trove of information. The abundant data contains both administrator and user information including user IDs, full names, an estimated 400,000 email addresses, password hashes, physical addresses, ZIPcodes, city, state, Magneto IDs, phone numbers, account creation date and other personal details. One of the folders in the leaked database includes customers’ bank account details including full name, bank name, account type and Dwolla IDs. To top it off, an Excel file in the database was exposed containing sensitive login details of Guns.com including its administrator’s WordPress, MYSQL, and Cloud (Azure) credentials, with all admin credentials including admin emails, passwords, login links, and server addresses in plain text format.
Individual Risk: 1.112 = Extreme
Users of Guns.com are significantly impacted, as extensive banking and personal information has been exposed. They should be wary of identity theft, spear phishing, and business email compromise/fraud risks as well as change any passwords shared with this account
Customers Impacted: 400,000
How it Could Affect Your Business Sensitive Personally Identifiable Information (PII) requires strong protection, especially when financial information for clients is at stake.
IntegraMSP to the Rescue: Make sure that your systems and data have strong protection from hackers with multifactor authentication. ASK US HOW>>
United States – Maricopa Community College
Exploit: Ransomware
Maricopa Community College: Institution of Higher Learning
Risk to Business: 2.312 = Severe
Classes have been disrupted as a suspected ransomware attack has caused extensive IT outages at Maricopa Community College. Education tools including MyInfo, Canvas, RioLearn, Maricopa email, Maricopa Google Tools and the Student Information System/Student Center are unavailable. The 10 college system has extended the semester by at least a week and expects service to be restored this week.
Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Business: One small email handling mistake can have devastating consequences. Stop ransomware from clobbering your business by preventing employees from interacting with phishing emails.
IntegraMSP to the Rescue: Ransomware risks are up by more than 100%. learn how to fight back. FIGHT BACK>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.