Make sure to add us or contact us for the latest news
 |
 |
 |
 |
 |
 |
 |
Record-Setting Ransomware Risk Can’t Be Ignored
Ransomware risk is skyrocketing around the world. Although other cyberattacks like nation-state hacking and supply chain data breaches may be occupying the tech headlines, no one can afford to turn their backs on the nasty hydra that ransomware has become in 2021. A wide variety of players jockeyed for position including Emotet, REvil, Clop, and nation-state threat actors. From stopping production lines to stealing data, ransomware gangs are growing bolder by hitting precisely positioned targets and asking for bigger ransoms – and that commitment to strategy is why every business should take this threat seriously.
An unusual cocktail of factors created a fertile ground for ransomware. Experts point to factors like the sudden shift to remote workforce security combined with operational neglect due to the pandemic and the stumbling economy as components of an environment that enabled cybercriminals to hit businesses with near impunity – especially in the beleaguered healthcare sector. A surge in email usage also boosted the opportunity for email-based cybercrime. An estimated 8 of 10 organizations increased their email traffic in 2020, leading to a 64% increase in email threat volume.
In a recent survey, researchers determined that approximately 61% of organizations worldwide experienced a damaging ransomware incident in 2020. Drilling down deeper, those unfortunate organizations lost an average of six working days to system downtime, with 37% saying downtime lasted one week or more after that incident. In an effort to recover much-needed data, an estimated 52% of companies held to ransom by cybercriminals paid them off, but only 66% of the payers were able to recover their data. Another 34% of payers never saw their data again.
The increase in the number of ransomware attacks logged in Q4 2020 over the same period in 2019 are astonishing. Cybercriminals had favorable conditions for conducting ransomware attacks and juicy targets abounded, like hospitals and shipping companies directly needed to fight the global pandemic. They didn’t waste their chance to make a big score, either. Ransomware attacks recorded by researchers climbed by 80% in the UK, but that wasn’t even close to the top of the chart. Other notable increases in ransomware attack frequency were the US (98.1%), Germany (145%), Spain (160%), and Sri Lanka (436%). This huge surge in cybercrime has helped produce a thriving dark web economy for stolen data.
That trend is set to continue or worsen in 2021 as cybercriminal organizations refine their post-pandemic attacks to do more damage and earn more money. Targeted ransomware is the new trend, and it is exploding. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. This increase has been especially felt in the APAC region. Recent numbers logged by UK researchers tell a chilling tale as well, with a record-breaking 11% year-on-year increase in attacks against UK targets in Q1 2021. UK businesses encountered 172,079 cyberattacks each, on average, between January and March 2021, the equivalent of 1,912 per day.
Cybersecurity experts are pointing to a wide variety of potential trouble spots as factors that may help cybercriminals increase their targeted ransomware attacks even more. Budget cuts can lead to organizations failing to update technology. A huge backlog of basic maintenance and patching can leave businesses exposed to flaws. Plus a vast quantity of information snatched from key service providers like BlackBaud and Accellion have opened organizations to risk that they don’t even know about yet. In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email attacks in the next year, up from 59% in 2020. That means that now is the time to take precautions against email-based cybercrime like targeted ransomware. So how can you secure your business against this risk? Here are our best tips.
Give Phishing the 1 -2 Punch
Just under 70% of ransomware is delivered via phishing. Stopping phishing from causing a cybersecurity incident will greatly reduce an organization’s chance of falling victim to ransomware. Strengthen phishing defenses by adding automated antiphishing security that stops dangerous messages from reaching employee inboxes. Then follow that up with customized phishing resistance and security awareness training delivered through a user-friendly portal. Choose plug-and-play modules or personalized campaigns that mimic the real industry threats that your employees will face, reducing their chance of falling victim to a ransomware attack by up to 70%.
Guard Against Surprise Dark Web Threats
How much data about your business is floating around on the dark web? On average, 65% of the information on the dark web at the start of 2020 could damage businesses, and more than 22 million more records were added in the last 12 months including huge lists of passwords. That’s why it’s a smart move for companies to use a product like Dark Web ID to keep an eye out for trouble – 91% of employees in a 2020 survey understood the risk of password reuse, but 59% admitted to doing it anyway, opening their companies up to danger. No one has the time or money to deal with the impact of that unpleasant surprise.
Keep Data Locked Down
Placing strong protections between cybercriminals and data starts with secure identity and access management. Using multifactor authentication is a must (perfect for defending against a phished password and 99% of password-based cybercrime in general).
Download our Handy Phish Files ebook to learn how to stay protected.
Dark Web ID’s Top Threats This Week
United States – Manhunt
https://www.infosecurity-magazine.com/news/dating-service-suffers-data-breach/
Exploit: Hacking
Manhunt: Dating App
Risk to Business: 1.667= Severe
Social network and dating site Manhunt has suffered a data breach. The company filed a declaration with Washington state regulators disclosing that the 20-year-old site was compromised in a cyberattack that took place in February 2021. An unauthorized third party downloaded personal information belonging to some Manhunt users after gaining access to the company’s account credential database. In the notice of data breach, Manhunt revealed that the personal information of an estimated 7,714 Washington residents had been affected, but did not say how many of the site’s approximately 6 million users outside of Washington state were affected.
Risk to Business: 1.667= Severe
The compromised database contained customers’ usernames, email addresses, and passwords. After discovering that a breach had occurred, Manhunt performed a forced reset of all users’ passwords. The stolen information could be used to mount phishing, blackmail and identity fraud attacks.
Customers Impacted: Unknown
How It Could Affect Your Business: Hacking into databases is a profitable enterprise for cybercriminals, especially when juicy personal details are acquired. If you’re storing that kind of information, ensuring that you’re using strong security for information storage is essential.
IntegraMSP to the Rescue: Make sure that everyone on the IT team is up to date on today’s threats and ready for tomorrow’s with the tips and tricks in “The Security Awareness Champion’s Guide“. GET THIS FREE BOOK>>
United States – Eversource Energy
Exploit: Unsecured Database
Eversource Energy: Power Company
Risk to Business: 1.807= Severe
Eversource Energy, the largest energy supplier in New England, has suffered a data breach after customers’ personal information was exposed on an unsecured cloud server. The company serves 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire. The unsecured database allegedly contained unencrypted files created in August 2019 that included the personal information of 11,000 Eversource eastern Massachusetts customers.
Risk to Business: 2.177= Severe
Eversource Energy disclosed to customers that the unsecured cloud storage server exposed their name, address, phone number, social security number, service address, and account number. The utility is offering a free 1-year identity monitoring service for impacted customers through Cyberscout.
Customers Impacted: Unknown
How it Could Affect Customers’ Business Unsecured data is a rookie move. Make sure that everyone is following cybersecurity best practices to avoid costly mistakes.
IntegraMSP to the Rescue: Make sure that you’re covering all of the bases to avoid breaches and nasty regulatory action with our Cybersecurity Risk Protection Checklist. GET THE CHECKLIST>>
United States – Radixx
Exploit: Malware
Radixx: Software Company
Risk to Business: 2.207 = Severe
Travel software company Radixx has disclosed a data breach caused by a malware attack that has triggered a dayslong outage, snarling reservations systems at about 20 low-cost airlines around the world. The company said it noticed “unusual activity” around its reservations program on Tuesday. It did not describe the malware or say how it got into the program. Radixx’s parent company is travel software giant Texas-based Sabre Corp.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Business: Hacking that disrupts operations has become an increasingly serious problem for businesses that provide services like software and data storage.
IntegraMSP to the Rescue: Keep your data in and the bad guys out with 2FA.
United States – Gyrodata
Exploit: Ransomware
Gyrodata: Mining Technology
Risk to Business: 2.463 = Severe
A ransomware attack against mining technology organization Gyrodata has potentially leaked the sensitive information of current and former employees. Gyrodata said it has been the victim of a ransomware attack that led to a possible data breach. So far, the number of potential victims has not been confirmed, though Gyrodata, which is headquartered in Houston, Texas, has multiple offices worldwide in countries including Saudi Arabia, UAE, Ecuador, Malaysia, and Scotland.
Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.
IntegraMSP to the Rescue: Stopping ransomware starts with stopping phishing. in “The Phish Files“, you’ll learn strategies to spot and stop phishing attacks fast. READ THIS BOOK>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.