Please fill in the form below to subscribe to our blog

The Week in Breach News: 05/05/21 – 05/11/21

May 12, 2021

Major breaches at two medical service providers are sending shockwaves throughout the industry. A new email security report from Graphus shows massive cybercrime increases. Plus, government entities around the world have another bad week and a look at how to protect your clients from ransomware attacks targeting infrastructure like this week’s Colonial Pipeline disaster including who should be beefing up security to stay safe from cybercrime.

remote workers pose a cryptocurrency risk

Solve five of the most exhausting remote and hybrid security problems fast with this handy infographic! DOWNLOAD IT>>

United States – MedNetwoRX

Exploit: Ransomware

MedNetwoRX: Medical Information Processing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.607= Severe

A reported ransomware attack on MedNetwoRX has impeded medical providers’ access to their Aprima electronic health record systems for more than two weeks. This hack impacts medical practices, clinics and hospitals of all sizes, from solo providers to conglomerates that rely on MedNetworx to host the Aprima electronic medical records system from vendor CompuGroup eMDs. MedNetworx says that on April 22, it experienced a network outage that resulted in a temporary disruption to its servers and other IT systems. Two major clients, Arthritis & Osteoporosis Center of Kentucky, the Alpine Center for Diabetes, Endocrinology and Metabolism, have been identified as victims as well as many small single and partner practices. The incident is under investigation and some functionality has been restored.

Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: This is the kind of third-party service provider incident that reverberates for months as rolling damage becomes apparent. With no clear word on what if any data was stolen, your clients could be waiting for a nasty surprise.

ID Agent to the Rescue: Are your clients taking the right precautions to minimize damage from third-party data incidents like this? Get expert advice in our ebook Breaking Up with Third Party and Supply Chain Risk. GET THE BOOK>>

United States – City of Tulsa

Exploit: Ransomware

City of Tulsa: Municipality

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.722= Severe

The city of Tulsa, Oklahoma, has been hit by a ransomware attack that affected the city government’s network and brought down official websites. The attack, which took place on the night between Friday and Saturday, is under investigation and city IT crews have begun restoring functionality and data from backups. This follows a string of ransomware attacks on other US municipalities in recent weeks. City officials were careful to note that no customer information has been compromised, but residents will see delays in-network services. While emergency response is not hampered, 311, some credit card payment systems and the city’s new online utility billing system were impacted.

Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware has been an especially nasty foe for government entities, especially cities and towns. Cybercriminals know that these targets are likely to pay ransoms and unlikely to have strong security or security awareness training in place.

ID Agent to the Rescue: Don’t take chances! Double-and triple-check to make sure that each of your clients is covering all of the bases with our Cybersecurity Risk Protection Checklist. GET THE CHECKLIST>>

United States – Fermilab

Exploit: Credential Compromise

Fermilab: Research Laboratory 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.523 = Severe

The Fermilab physics laboratory has taken action to lock down its systems after security researchers found weaknesses exposing documents, proprietary applications, personal information, project details and credentials. Fermilab, which is part of the US Department of Energy, is a world-famous particle accelerator and physics laboratory in Batavia, Illinois. One database the researchers discovered allowed unauthenticated access to 5,795 documents and 53,685 file entries. One entry point led into Fermilab’s IT ticketing system, which displayed 4,500 trouble tickets. Also found was an FTP server that required no password and allowed anyone to log in anonymously. Other impacted systems exposed credentials, experiment data and other proprietary information that were stored with no security.

Individual Impact: This incident confirmed no sensitive personal or financial information as compromised, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Proprietary data needs to be stored securely. Not only does it give your competition an edge if they can see what you’re doing, but it also gives cybercriminals an edge when they’re crafting a cyberattack against your company.

ID Agent to the Rescue: Keep your data in and the bad guys out with Passly. By including multiple security essentials into one tool, Passly does the job of multiple solutions at a price everyone will love. WATCH A VIDEO DEMO>>

United States – BlueForce Inc.

Exploit: Ransomware

BlueForce: Defense Contractor 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.668 = Severe

Someone who runs training programs may need to upgrade their security awareness training. Defense contractor BlueForce has been hit by the Conti ransomware group. The gang posted data from the operation on its leak site along with supposed chat records from its negotiation with BlueForce. The Conti gang has demanded 17 bitcoin for the decryption key. BlueForce is a Virginia-based defense veteran-owned contractor that works with the US Department of Defense and the US Department of State on program management, training and development initiatives.

Individual Impact: This incident confirmed no sensitive personal or financial information as compromised, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Increased security awareness training makes organizations up to 70% less likely to experience damaging cybersecurity incidents like this one.

ID Agent to the Rescue: Security awareness training including phishing resistance with BullPhish ID is easy and painless for trainers and employees. SEE IT AT WORK IN A NEW VIDEO!>>

United States – CaptureRX

Exploit: Ransomware

CaptureRX: Medical Software Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.907 = Severe

Texas-based CaptureRx, fell victim to a ransomware attack in which cybercriminals snatched files containing the personal health information (PHI) of more than 24,000 individuals. The security breach impacted 17,655 patients of Faxton St. Luke’s Healthcare and a further 6,777 patients at Gifford Health Care as well as an indeterminate number of Thrifty Drug Store patients. CaptureRx is currently unclear how many of its healthcare provider clients have been affected by the attack. Nor has the company finished its final tally of how many individuals had their PHI exposed because of the incident.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.959 = Severe

Data exposed and stolen by the ransomware attackers included names, dates of birth, prescription information, and, for a limited number of patients, medical record numbers. Affected healthcare provider clients were notified of the incident by CaptureRx between March 30 and April 7.

Customers Impacted: 24K +

How it Could Affect Your Customers’ Business: The medical sector has been absolutely battered by ransomware in the last 12 months. Breaches at service providers like this and Accellion show that cybercriminals are playing smart by hitting targets that offer them access to a variety of information that has value for future attacks.

ID Agent to the Rescue: Stopping ransomware starts with stopping phishing. in “The Phish Files“, you’ll learn strategies to spot and stop phishing attacks fast. READ THIS BOOK>>

United States – Alaska Court System (ACS)

Exploit: Ransomware

Alaska Court System: Judicial Body 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.572 = Severe

The Alaska Court System (ACS) was forced to temporarily disconnect its online servers this week due to a cyberattack that installed malware on their systems, disrupting virtual court hearings. The court’s website had been taken offline and the ability to search court cases had been suspended while it worked to remove malware that had been installed on its servers. Activities that may be impacted by the ACS taking its website offline include the ability of the public to view court hearings over Zoom, online bail payments, submitting juror questionnaires and sending or receiving emails to or from an ACS email address.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is the weapon of choice for cybercrime especially against local, state and municipal governments with often weak or outmoded IT departments.

ID Agent to the Rescue: Don’t let cybercriminals slow your business down – learn to mitigate the risk of trouble in Ransomware 101. DOWNLOAD FREE EBOOK>>

Australia – NSW Labor Party

Exploit: Ransomware

NSW Labor Party: Political Organization 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.109 = Severe

The ransomware group Avaddon is threatening to release a trove of sensitive information including images of passports, driver’s licenses and employment contracts from a ransomware hit on the NSW Labor Party. The cybercriminals have demanded a response to its ransom request within 240 hours and threatened to launch a denial of service attack against the party if it did not pay. NSW Police has come on board in the investigation.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is the modern cybercriminal’s weapon of choice. Make sure your clients are taking every possible precaution because 61% of organizations worldwide experienced a damaging ransomware incident in 2020.

ID Agent to the Rescue: Review the trends in ransomware in 2020 and see how we expect it will impact businesses in 2021 in The Global Year in Breach 2021. GET THIS BOOK>>

Australia – Schepisi Communications

Exploit: Hacking

Schepisi Communications: Cloud Storage 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.307 = Severe

Melbourne-based Schepisi Communications has been the victim of a suspected ransomware attack. The company’s website has been offline for days after a hacker group said it infiltrated the company’s data systems and posted a disturbing ransom note on the dark web. The company is a service provider for Telstra that supplies phone numbers and cloud storage services. Among Schepisi’s other customers that appeared to have had their information exposed were global food conglomerate Nestle, a Melbourne radio station, an Australian property management firm, and a financial services company based in Victoria.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Malware and ransomware have been the plague of increasingly beleaguered service providers. Every organization in the sector should step up phishing resistance training to reduce the chance of falling prey to an attack.

ID Agent to the Rescue: Make sure that everyone on the IT team is up to date on today’s threats and ready for tomorrow’s by arming them with the essential tips, tricks and walkthroughs for security challenges in “The Security Awareness Champion’s Guide“. GET THIS FREE BOOK>> 

India – WedMeGood

Exploit: Hacking

WedMeGood: Wedding Planning 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.817 = Severe

Legendary cybercrime gang ShinyHunters has dumped a database belonging to WedMeGood, a popular Indian wedding planning platform. WedMeGood is yet to verify the data breach, but dark web analysts say that the database contains 41.5 GB worth of data. Lately, the hacking group has been focusing on leaking databases of Indian entities. 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.773 = Severe

Impacted users have had PII exposed including full names, city, gender, phone numbers, email addresses, password hashes, booking leads, last login date, account creation date, Facebook unique ID numbers, vacation descriptions for Airbnb and other wedding details. Site users will want to be aware of the potential of spear-phishing attacks using this data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: ransomware attacks have been especially prevalent against targets in India recently, with hits on other major companies like BigBasket and Dr. Reddy’s. Every organization in the sector should step up phishing resistance training to reduce the chance of falling prey to an attack.

ID Agent to the Rescue: Get the tools that you need to conduct security awareness training that includes phishing resistance painlessly in the new BullPhish ID. SEE THE UPDATE WEBINAR>>

Protection from cybercrime danger is easy when you deploy your secret weapon: security-savvy employees! WATCH WEBINAR>>

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

Go Inside the Ink to Get the Inside Scoop on Cybercrime

Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:

should you diclose a data breach represented by the words "hacking detected" in red on a blue and white touchscreen

Don’t become a cybercrime statistic. The Cybersecurity Risk Protection Checklist will help you find and fix security gaps. GET IT>>

Fight Back Against Ransomware Attacks with These Resources

In light of the major breach at Colonial Pipeline, we’re shining our resource spotlight on resources that you can use to protect your clients (and your business) from similar incidents. 

  • Ransomware is the favored tool of nation-state actors. Learn how to effectively protect your client’s data and systems from ransomware attacks at a value you’ll both love in our eBook Ransomware 101GET IT>>
  • The most common delivery system for ransomware is a phishing email. In The State of Email Security 2021, explore the transformation of phishing in 2020 and take a look at trends and tools that will enable you to better defend your customers from phishing now. GET IT>>
  • One important metric for avoiding productivity loss when faced with nation-state cybercrime is cyber resilience. Are you and your clients ready to keep operating under challenging conditions? The Road to Cyber Resilience will help you prepare. GET IT>>

Service Providers Are at Risk for Infrastructure Attacks Like What Just Happened at Colonial Pipeline

A major Russian hacking gang has successfully mounted a ransomware attack on major US fuel transporter Colonial Pipeline. The company is the operator of the largest fuel pipeline in the US, moving fuel into states on the Eastern seaboard, transporting more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor. Founded in 1962 and headquartered in Alpharetta, Georgia, privately-held Colonial Pipeline provides roughly 45% of the East Coast’s fuel, including gasoline, diesel, home heating oil, jet fuel and military supplies.

Colonial Pipeline was forced to shut down its operations Friday, May 7 including approximately 5,500 miles of pipeline, responsible for half of the East Coast’s fuel supply. By Tuesday, May 11, workers had restored operations for one of four pipes used to transport fuel. This has also resulted in panic buying of fuel in many impacted regions, even though there is no evidence that shortages are likely. Experts say pipeline operations should return to normal by the end of this week.

Late Monday, FBI officials announced that the culprit is DarkSide, a Russian ransomware gang. Sources familiar with the operation say that the gang stole almost 100 gigabytes of data in the incident. DarkSide has compromised more than 40 victim organizations and demanded between $200,000 and $2 million in ransom from them since its emergence in August 2020. The gang claims to be apolitical and contends that it did not know that a subsidiary was mounting this attack. DarkSide contends that this attack violates their stated policy of socially responsible hacking.

cyberpunk 2077 malware represented by a futuristic looking cityscape featuring many neon signs at night

Want to Borrow Our Sales and Marketing Teams? OK!

Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>

Another Major Attack Exposes Major Vulnerabilities

Early reports pegged this as a nation-state cyberattack, but that wasn’t the case. It is noteworthy that the gang clearly targeted the business side of Colonial Pipeline, rather than operations systems on the pipeline itself. However, this doesn’t change the fact that the pipeline was rendered inoperable, illustrating the danger of weak cybersecurity in US infrastructure. Biden administration officials are reportedly frustrated with what they see as Colonial Pipeline’s weak security protocols, a common theme in essential infrastructure.

Another concern is that the FBI informed the US Cybersecurity Infrastructure Security Agency (CISA) about the attack, not Colonial Pipeline. Nor have government agencies or officials been briefed on what the exact vulnerability is that enabled this attack, although as with any ransomware attack the most likely culprit is phishing. The company has contracted FireEye Mandiant to manage the incident response investigation. Private sector companies also worked with US agencies to take a key server offline as recently as Saturday, disrupting ongoing cyberattacks against Colonial Pipeline Co. and other ransomware victims, according to two sources familiar with the matter. CNN reported that federal agencies and private companies were able to cut off key infrastructure used by the hackers to store stolen data before that information could be relayed back to Russia.

In response to that communication breakdown, Senate Intelligence Committee Chairman Mark Warner, D-Va., called for legislation that would require private companies to report cyberattacks to the government on Wednesday. Warner said mandatory reporting of hacks for private companies in certain industries could be modeled on the type of system used for incidents like plane crashes at the National Transportation Safety Board. The senator also pointed out the importance of early warning systems and swift incident resolution to the financial sector. He said the information at firms provide would be kept confidential and subject to limited protection from liability. Experts at Tech Republic agree, that more oversight and regulatory scrutiny for infrastructure operators is needed to prevent this type of attack from continuing to endanger major privately-held infrastructure targets.

Did you catch all of the growth-focused MSP tips at MSP Growthfest? Listen to the recording now to be sure. LISTEN NOW>>

It’s Not Just Big Fish Anymore

So how does this attack translate into a risk for your customers? Attacks like this one, against infrastructure targets and the service providers that operate and support them, are becoming increasingly more common as threat actors look for key targets to hit. CISA contends that attacks like this have jumped more than a 300% over the previous year. Ransomware gangs that perform these operations often work toward several purposes like hunting for juicy ransoms from critical infrastructure, manufacturing and emergency services targets that render inoperable and capture data that can be used or sold in today’s booming dark web data markets. Sophisticated gangs are also always on the hunt for vulnerabilities or opportunities that will allow them to strike at other high-value targets. The Colonial Pipeline attack comes amid rising concerns over the cybersecurity vulnerabilities in America’s critical infrastructure following a spate of recent incidents.

Any organization that provides services for companies in multiple sectors is at risk of landing in the sights of cybercriminals who are probing for vulnerabilities that will allow them to damage infrastructure targets. Many smaller companies that are not in commonly targeted industries may have security gaps that are easy for skilled gangs to get through. Infrastructure attacks are most commonly carried out by gangs with a higher level of sophistication Those same cybercriminals may be considering ransomware attacks that enable them to steal data about or gain backdoor access to their true targets. In some cases, the challenges of supporting a remote workforce have given bad actors an edge when mounting attacks. Experts suspect that may have been the case in the Colonial Pipeline attack.

Nation-state cybercriminals are some of the biggest threats to infrastructure targets. The unclassified version of the 2021 Annual Threat Assessment recently released recently by the US intelligence community concluded that “cyber threats from nation-states and their surrogates will remain acute” as countries with nefarious aims “use cyber operations to steal information, influence populations, and damage industry, including physical and digital critical infrastructure.” Ransomware is the preferred weapon of nation-state cybercrime. But other sectors are also at risk for nation-state ransomware attacks. Over 90% of security alerts released by Microsoft about nation-state cyberattacks in 2020 warned of danger against non-governmental or infrastructure targets.

Which industries saw the most phishing last year? These 5 did in a year of record-setting threat growth. See how to protect your business.

See how to fix staffing problems, fill security gaps and make more money fast with security automation. LEARN MORE>>

The Target List is Expanding

Some sectors that have recently been under threat include:

  • Infrastructure & Utility Services Infrastructure targets are high on the ransomware priority list, and so are the companies that facilitate their operations. Not only do cybercriminals know that these services will need to be restored quickly, giving them a better shot of getting paid, but successful strikes against the specialty service providers for those targets can provide them with valuable data, credentials, malware delivery systems and backdoors that facilitate more attacks.
  • Transportation & Logistics Transportation and logistics targets got hammered in the run-up to vaccine distribution. Ransomware gangs, some of them nation-state threat actors, conducted a spear phishing/ransomware campaign against organizations in six countries involved in providing special temperature-controlled environments to support the COVID-19 supply chain.
  • Manufacturing Taking advantage of a greater reliance on remote operations software, ransomware gangs and nation-state threat actors turned their weapons on a wide array of manufacturers in 2020, including brewers in Australia. In addition to general ransomware danger, Commercial facilities and manufacturers are high priority targets for nation-state actors as well.
  • Education & Research Russian and Chinese state-sponsored hackers took the website and IT system of the UK Ministry of Defence training school offline using ransomware in an attempted incursion into the larger systems of the UK Defence department. Ransomware gangs also hit many colleges conducting remote learning as well as medical schools, research facilities and institutions involved in gathering data about COVID-19 in 2020.
  • Pharmaceutical Strikes against pharma were fast and furious in 2020, culminating in a period in which 3 major companies were hit in the same week. Ransomware gangs including nation-state actors were involved in ransomware attacks against laboratories and pharmaceutical companies developing vaccines for COVID-19 like Pfizer, Takeda and Dr, Reddy’s.
  • Healthcare Innumerable hospitals, clinics and medical facilities were nailed by ransomware gangs in 2020 sometimes impacting patient care, and healthcare is still at the top of the list for ransomware. A recent tally notes 92 individual ransomware attacks occurred at healthcare organizations, and 600 clinics, hospitals and organizations were affected. In addition, more than 18 million patient records were impacted by these ransomware attacks, a 470% increase from 2019.
  • Insurance Just a few weeks ago, CareFirst BlueCross BlueShield’s Community Health Plan District of Columbia (CHPDC) reported a ransomware attack conducted by nation-state actors in which data on more than 100k insureds was stolen and attempts were made to leverage its systems against its partners.
  • Cybersecurity, Software, Cloud Computing, & Digital Services Companies that provide software, services and security are in cybercriminal sights as quick, quiet ways to access systems at major entities in government, defense and business, as we saw in the recent Microsoft Exchange hack. This method of targeting has been spectacularly successful with breaches at critical data processing and storage giant Accellion creating ripple effects that lasted for months after the initial hit.

top phishing scams of 2020

Don’t get caught by phishing! Learn more about types of attacks and how to avoid them in The Phish Files. READ THIS BOOK>>

Prepare Now to Avoid Trouble Later

This attack only reinforces the lesson taught through the Solarwinds incident as well as data breaches: cybercriminals are willing to go into the supply chain and hit third-party service providers in order to get to their big targets. Experts estimate that 51% of businesses were victims of ransomware in 2020. For SMBs that fall in their sights, it’s often a case of looking for a weak security link that will allow these gangs access to systems and data that will further their aims. Ransomware cyberinsurance claims grew by 260% in 2020. Take your clients out of the line of fire by equipping them to present a strong defensive posture to these predators.

Stop Phishing Lures from Landing

The number one tool of sophisticated cybercrime gangs and nation-state cybercriminals is ransomware. Reduce the chance of a ransomware attack landing by reducing the chance of someone falling for phishing. The freshly retooled BullPhish ID makes it a snap to create industry-specific content for your clients that simulates the real threats that their employees face every day including attachments, or our plug-and-play kits are constantly updated to reflect new threats. Take a look at the new BullPhish ID in this webinar.

Stay Up to Date on Trends

In our eBook Breaking Up with Third Party and Supply Chain Risk, we look at how ransomware trends were aligned with major world events in 2020. Stay in the know about what trends are emerging to spot the next big area of impact and get your business and your customers prepared accordingly. Get a complete analysis of cybercrime trends in 2020 and our predictions on what we expect to see this year as well as data that you can use to make your own projections in The Global Year in Breach 2021. Then use our Cybersecurity Risk Protection Checklist to make sure that all of the bases are covered for each of your clients.

Lock Every Entrypoint

Make sure that your clients understand the real power of secure identity and access management to protect them from danger if their business is targeted in an infrastructure ransomware attack. By adding an affordable solution like Passly, your clients gain protection against common attacks that these threat actors use, like logging into systems with a phished password to deploy ransomware. Multifactor authentication (MFA)is the most powerful defensive tool that your clients can implement now, and it stops 99.9% of password-based cybercrime according to experts at Microsoft. In addition to its usefulness as a weapon against hacking. This video explains more about the benefits of Passly.

We’re here to help if you would like to learn more about ways that you can protect clients who may be in the line of fire from damaging, dangerous attacks like this one. From dark web monitoring to phishing resistance training, the ID Agent digital risk protection platform helps businesses mitigate their risk of cybersecurity disasters. Our solutions experts are happy to help you find the right defensive combination to secure any organization. Let’s get together and talk about how we can help your clients and your business! SCHEDULE A CONSULTATION>>

May 11 – 14: Robin Robins Boot Camp (Orlando and Virtual) REGISTER NOW>>

May 13: MSP Master Certification: Proper Service Desk Incident Escalation and Lifecyle Management for Resolution REGISTER NOW>>

May 17: MSP Cybersecurity Certification REGISTER NOW>>

May 19 – 20: ASCII Success Summit (Houston, Texas) REGISTER NOW>>

May 21: Show Your Clients Every Single Compromised Employee Credential in Minutes REGISTER NOW>>

May 26: MSP Gym (EMEA Edition) REGISTER NOW>>

May 26: MVP Growthfest (APAC Edition) REGISTER NOW>>

June 15: Deploy Your Secret Weapon: Security-Savvy Employees REGISTER NOW>>

Is Your Business in Danger from an Infrastructure Attack?

Infrastructure targeted cyberattacks aren’t just the problem of big business, government and military targets these days. Increasingly, cybercriminals including nation-state actors, are setting their sights on smaller companies that may have weaker security. One in four attacks that IBM Security X-Force Incident Response remediated in 2020 were caused by ransomware. But by taking a few sensible precautions, you can bolster your defenses against this threat.

Experts estimate that 51% of businesses were victims of ransomware in 2020. These included companies in data handling, cloud computing, medical information processing and storage, transportation, manufacturing, education and many other sectors that may not at first glance seem like infrastructure targets. By attacking companies that do business with big fish, cybercriminals can gain information about them, or even gain access to the systems of major targets, like recently happened with Solarwinds.

Cybercrime gangs overwhelmingly favor ransomware as their weapon of choice in these attacks. This multifunctional tool can be used to shut down production lines, steal data, lock down servers and cripple services. The number one delivery system for ransomware is phishing – 94 % of ransomware arrives at businesses via email. By preventing phishing attacks from finding success at your business, you can protect your business from ransomware.

BullPhish ID is the perfect solution for training staffers to resist phishing attacks. Customization capability means that your employees can be trained in simulations that mimic real threats that they face every day, no matter what your industry – including URLs, attachments and content. Plus, increased security awareness training that includes phishing resistance can reduce your risk of suffering a cybersecurity incident by up to 70%!

Take action now to protect your business from this growing threat by implementing sensible precautions like a security assessment to find vulnerabilities and increased security awareness training to ensure that you’re ready for trouble.

Get high-quality tools to help you connect with your customers with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!

Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us knowwe welcome your feedback and we love to hear about how our content works for you!

Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!