The Week in Breach News: 09/28/22 – 10/04/22
We’re kicking off Cybersecurity Awareness month with a bang! A $250k BEC attack hits Boulder County CO, BlackCat delivers ransomware to a New Jersey defense contractor, a berry big data breach at an agricultural giant & four easy ways to help your clients reduce non-malicious insider risk.
Go inside BEC scams & get tips to keep businesses safe from today’s most expensive cyberattack. DOWNLOAD EBOOK>>
NJVC
https://cybernews.com/news/blackcat-breached-department-of-defense-contractor-went-offline/
Exploit: Ransomware
NJVC: Defense Contractor
Risk to Business: 1.806 = Severe
The BlackCat ransomware group has claimed responsibility for an attack on IT services provider NJVC. The company primarily serves the U.S. defense and intelligence community. The group has threatened to begin leaking NJVC’s data in stages. However, it has had difficulty following through on that threat – BlackCat’s dark web leak site experienced technical difficulties shortly after the threat was made, and by September 30 the group had removed NJVC from its hit list. No word on what, if any, ransom was paid or what data may have been compromised.
How It Could Affect Your Customers’ Business: Attacks like this against defense contractors are very dangerous and could impact national security.
ID Agent to the Rescue: See the biggest risks that businesses in different sectors face today and get a look at what your clients will be facing tomorrow in The Global Year in Breach 2022. DOWNLOAD IT>>
Fast Company
https://www.spiceworks.com/it-security/data-security/news/fast-company-data-breach/
Exploit: Hacking
Fast Company: News Publication
Risk to Business: 2.713 = Moderate
Apple News was forced to disable business news publication Fast Company after hackers compromised the business magazine’s content management system and used it to send racist and inappropriately sexual push notifications to Apple News users. Other news outlets that carried Fast Company’s content, like INC. Magazine, shut down their websites briefly to prevent suffering the same fate. Reports say that Fast Company’s website was defaced with foul language last Sunday after a hacker going by the nickname “postpixel” claimed they were able to crack the default password used across multiple accounts, including that of an administrator. The hacker also claims to have had access to other content delivery streams and internal systems. Customer records were not impacted. The publication’s site remains down as the incident is handled.
How It Could Affect Your Customers’ Business: This publication is tied to the websites of other publications, creating a cascade of danger for everyone involved.
ID Agent to the Rescue: Curious to see if you’re offering your clients the right dark web monitoring solution? Explore your options with The Dark Web Monitoring Buyer’s Guide for MSPs. DOWNLOAD IT>>
Physician’s Business Office
Exploit: Hacking
Physician’s Business Office: Medical Practice Management
Risk to Business: 1.601 = Severe
West Virginia-based healthcare business services provider Physician’s Business Office has notified 196,573 patients that their personal data and protected health information was likely stolen during a hack of its network in April 2022. Although HIPAA provisions call for affected patients to be informed within 60 days of the incident, the company didn’t meet that deadline, saying that it was working “to collect current mailing addresses for all potentially impacted individuals.” Providers were informed in late July 2022.
Risk to Individual: 1.624 = Severe
The stolen data could include patient names, Social Security numbers, dates of birth, driver’s licenses, treatments, diagnoses, contact details, disability codes, prescription information, and health insurance account details. Patients will receive free credit monitoring and identity theft protection services.
How It Could Affect Your Customers’ Business: An incident like this is going to cost a fortune to fix and incur a boatload of noncompliance fines.
ID Agent to the Rescue: Security awareness training helps your customers avoid trouble. Build an effective program with the guide How to Build a Security Awareness Training Program. GET IT>>
Reiter Affiliated Companies
https://www.jdsupra.com/legalnews/major-berry-producer-reiter-affiliated-4783686/
Exploit: Hacking
Reiter Affiliated Companies: Berry Producer
Risk to Business: 1.624 = Severe
Reiter Affiliated Companies, the world’s largest fresh multi-berry producer, has disclosed the theft of personal and health information of 93,000 people. The data appears to be tied to the health and welfare plans of Reiter Affiliated Health and Southern Pacific Farming. The attack appears to have occurred in late June but was not discovered until early July. The company sent data breach notifications to the parties involved in early September 2022.
Risk to Individual: 1.733 = Severe
The stolen data was tied to plan enrollment rosters, which contained member names, identifying information, contacts, SSNs and dates of birth.
How it Could Affect Your Customers’ Business: This type of data will be very profitable for the bad guys who are always on the hunt for more.
ID Agent to the Rescue: Are you offering the right training solution to help your clients avoid trouble? Find out with the Security Awareness Training: Buyer’s Guide for MSPs DOWNLOAD IT>>
Boulder County, CO
https://www.fox29.com/news/colorado-county-mistakenly-sends-238k-to-hackers-after-cyberattack
Exploit: Business Email Compromise
Boulder County, CO: Regional Government
Risk to Business: 1.116 = Extreme
Officials in Boulder County, Colorado have disclosed that the county was recently the victim of a successful business email compromise attack. Hackers obtained access to one of its vendors through a cyberattack and used the company to send spear-phishing emails to county employees. Ultimately, the county ended up sending $238,000 to the bad actors. The county is working with federal law enforcement in the ongoing incident investigation.
How it Could Affect Your Customers’ Business: Governments are common targets for BEC schemes and government agencies must be alert for schemes like this one.
ID Agent to the Rescue: Learn more about real BEC scams and how to stay out of trouble in The Comprehensive Guide to Business Email Compromise. DOWNLOAD IT>>
Learn how a new integration between BullPhish ID & Graphus saves time & money. SEE THE DETAILS>>
Canada – Yukon Department of Education
Exploit: Employee Error
Yukon Department of Education: Local Education Authority
Risk to Business: 2.702 = Moderate
The personal data of more than 500 students was exposed inadvertently by an employee of the Yukon Department of Education. Reports say that a department employee included the email address of someone who was not authorized to view the information when forwarding a spreadsheet containing the data of students who applied to a post-secondary grant program to colleagues. The recipient claims to have never opened the message. The incident took place in late August 2022 but affected students and their parents were not informed until mid-September. The district says that it is working with the Department of Education to ensure it has met its obligations under the Access to Information and Protection of Privacy Act. No information is available about the exact nature of the data exposed.
How it Could Affect Your Customers’ Business: Employee mistakes like sending the wrong file are the most likely way that a company will suffer a data breach.
ID Agent to the Rescue: A strong security culture reduces the risk of an incident. Help your clients build one with The Building a Strong Security Culture Checklist! DOWNLOAD IT>>
Get tips from experts in our webinar MSP Cybersecurity Roundtable: How to Improve Your Incident Response Plan WATCH NOW>>
Hong Kong – Shangri-La Hotels
Exploit: Hacking
Shangri-La Hotels: Hospitality Company
Risk to Business: 1.816 = Severe
The Shangri-La hotel group has said that a database containing the personal information of customers at eight of its Asian properties between May and July has been accessed by bad actors. The company disclosed that hotels in Hong Kong, Singapore, Chiang Mai, Taipei and Tokyo were involved in the incident. During that May-to-July window, a Shangri-La hotel in Singapore hosted Asia’s top security summit. The company said it had not yet been able to determine what data had been stolen.
Risk to Business: 1.718 = Severe
Customer data has been exposed including home addresses, drivers’ licenses, passport numbers, names, addresses, phone numbers, email addresses and individuals’ preferred pronouns. The company says that no financial or commercial account data was accessed.
How it Could Affect Your Customers’ Business: Hotels are a prime place for bad actors to snatch data because they have a wide variety of customer information.
ID Agent to the Rescue: Sell clients on the benefits of security and compliance training with the bottom-line data in The Business Case for Security Awareness Training. DOWNLOAD IT>>
See cybercrime trends & the results of thousands of phishing simulations in The Global Year in Breach 2022. DOWNLOAD IT>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident.
See how today’s biggest threats may impact your MSP and your customers in our security blogs.
- Why You Should Be Worried About This Devastating (& Growing) Cyber Threat
- Learn from These BEC Attack Scenarios
- What Is Email Spoofing?
- How AI Protects Businesses from BEC
- The Week in Breach News: 09/21/22 – 09/27/22
It’s a bird, it’s a plane, it’s your revenue rising into the stratosphere with 6 Power-Ups That Will Make You a Sales Superhero. GET IT>>
Refreshed Powered Services Pro Campaigns: Insider Threats – Security & Compliance
The Insider Threats Pro Campaigns for both Security and Compliance just got a makeover! Utilize the updated content and new graphics from these refreshed campaigns to reinforce the risks posed by accidental and malicious insider threats.
Insider Threats – Security Campaign
Get tools and resources that you can use to open a dialogue with your clients and help organizations understand how insiders – employees, contractors, and vendors – can pose the greatest security risk to a business. Learn how to guide your clients into putting measures in place to detect and prevent accidental or malicious insider threats before they result in a cybersecurity incident.
Insider Threats – Compliance
Use the materials in this campaign to remind your clients why adherence to regulatory compliance standards should be a top priority for SMBs that want to avoid penalties and potentially reduce their risk for an expensive data disaster. Encourage them to work with you to find potential lapses in regulatory compliance that can result from insider threats and correct those problems fast.
A Trio of Resources That Arm You to Reduce Insider Risk
Kick off Cybersecurity Awareness Month by tackling one of your clients’ most pernicious security problems: insider risk. These resources can help you get started:
Guide to Reducing Insider Risk – This eBook is packed with data about insider risk and tips to reduce it. DOWNLOAD IT NOW>>
MSP Cybersecurity Roundtable: Insider Risk – Watch this webinar for expert advice on handling insider risk for your clients. WATCH NOW>>
Building a Strong Security Culture Checklist – Share this with your clients and open up a discussion about areas where they may need help. GET CHECKLIST>>
Did you miss…? The BullPhish ID/Graphus “Drop-a-Phish” integration explainer GET IT NOW>>
See five things that you can do to reduce nation-state cyber threat risk for your clients fast. GET CHECKLIST>>
4 Ways to Help Your Clients Lower Their Insider Risk Fast
As we’ve seen in recent high-profile data breaches, even the best-laid security plans can be quickly undone by an employee error. Cybersecurity Awareness Month is the perfect time to dive into finding new ways for your clients to reduce the chance of something going awry. You’re never going to be able to help your clients eliminate non-malicious insider threats. Employees are human and humans will inevitably make mistakes. But you can take action to help your clients reduce their risk of experiencing a cybersecurity disaster caused by an employee blunder, both by educating employees about cybersecurity awareness and by putting secondary safeguards in place to act as failsafes.
Download The Guide to Reducing Insider Risk for an in-depth look at the problem & tips to fix it GET IT>>
Defining Insider Risk
Before we look at how to mitigate insider risk, it’s important to know what that risk is and who might contribute to it.
Insider risk: An insider is someone within an organization. An insider risk comes from the actions that employees take around cybersecurity that impact company systems and data.
Malicious insider: Employees who intend to deliberately harm a business. Malicious insiders cause massive damage quickly by taking harmful security actions like stealing company secrets, selling access to a company’s network or deploying ransomware.
Accidental/non-malicious insider: These are average employees who don’t cause harm intentionally. Instead, accidental or non-malicious insiders harm security through negligence or error. Unfortunately, errors can be just as devastating to a company as intentional sabotage.
Learn to identify and mitigate fast-growing supply chain risk with this eBook. DOWNLOAD IT>>
How Can I Change my Client’s Insider Risk Calculus?
Your clients face some level of risk from insider threats every day, and as long as people are involved anywhere in a business process, they will continue to carry that risk. Human error is the reason for almost one-quarter of data breaches. However, you can help them minimize their exposure by taking steps to change their risk factors.
Reduce employee exposure to phishing
The biggest risk for disaster that your clients encounter daily is phishing. Nine in 10 incidents that end in a data breach start with a phishing message. With phishing at an all-time high, eliminating phishing is the first and largest step to reducing insider risk for your clients. Nearly 60% of organizations in a recent Ponemon Institute study said that they have experienced data loss or exfiltration incidents caused by an employee data handling mistake using email in the last 12 months. Stopping phishing messages from reaching employees and giving employees an easy way to ask for help about suspicious messages is essential for stemming the tide of phishing that swamps your clients’ businesses every day. After all, an employee can’t accidentally click on a phishing message that they didn’t receive, quickly reducing the risk of a phishing-related data breach or cyberattack.
Set businesses on the zero trust path with the 6 Tips for Implementing Zero Trust Security infographic! GET IT>>
Enable clients to run frequent phishing simulations
Phishing simulations work, and they’re a must-have for businesses today. Most employees aren’t good at noticing that an email isn’t legitimate without training. Employees encounter this threat constantly, but a shocking number of businesses aren’t taking action to combat it. Only just over half of organizations do anti-phishing training at all. It’s essential to communicate to your clients the message that when employees can confidently spot and avoid phishing traps, companies. Clicking on a phishing email is the most likely way that an employee will make a mistake that leads to a security disaster – and one in four employees has done it.
Phishing awareness training doesn’t work overnight, but it does work. In a report by Microsoft, analysts determined that when employees receive simulated phishing training, they’re 50% less likely to fall for phishing. Training with phishing simulations, like every kind of cybersecurity awareness training, makes a difference in employee behavior and a company’s risk of an accidental incident caused by an employee’s mistake around phishing over time. After 12 phishing simulations, click rates on malicious links and attachments can drop up to 50%.
It’s important for you to make sure that your clients know that training must take place on a regular schedule to be effective. Training employees with phishing simulations can reduce a company’s phishing risk from 60% to 10% within the first 12 months. That’s an impressive result for a fairly inexpensive solution to a major problem. But your clients will only enjoy risk reduction like that if they run consistent phishing simulation training.
Get a step-by-step guide to building an effective security and phishing awareness training program. GET GUIDE>>
Help your clients ensure that every employee feels like part of the security team from day 1
In a strong security culture, employees are attuned to the importance of maintaining security around data and systems. Those employees are more likely to make smart choices when it comes to security, making a company’s defenses stronger and its data safer. In a study by Osterman Research, analysts noted that the less security awareness training employees receive, the less they see themselves as playing a role in maintaining security. An estimated 70% of employees who had little to no monthly security awareness training said that they didn’t play a role in defending their company from cyber threats. But with a minimal amount of time spent in training every month, there’s a 40% improvement in the percentage of employees who are aware that they play an active role in defending their organization from cyber threats.
Fostering security awareness involves putting many building blocks in place to ensure that cybersecurity needs are built into a company’s processes and procedures. It’s critical to ensure that employees understand the importance of security on day one of their employment. One effective measure to ensure that employees are looped in on their role in the security process is to encourage your clients to include a security component in their onboarding process. Less than half of security leaders in a recent survey said that their teams play a role in the employee onboarding process. Also, remind your clients that it’s important to include security in the offboarding process too.
Get 10 tips to help you build a strong security culture & reduce your risk of cybersecurity trouble! GET INFOGRAPHIC>>
Encourage clients to build a positive security culture to maximize employee security awareness
The primary cause of all cybersecurity incidents, whether it’s a cyberattack, a data breach or a configuration mistake, is employee error. Human error is responsible for an estimated 90% of security breaches according to IBM’s X-Force Threat Intelligence Index. It’s inevitable that your clients will have incidents caused by employee errors. However, you can help them set up a security and compliance awareness training program that can reduce their risk and foster a strong security culture.
One of the biggest barriers to reducing the number of security mistakes that employees make is making them aware of the fact that everyone is on the security team. Most employees don’t understand their relationship to data security or preventing cyberattacks. About 45% of respondents in a HIPAA Journal survey said that they don’t need to worry about cybersecurity safeguards because they don’t work in the IT department. That’s scary. It’s also a reminder that although security may seem top of mind to IT professionals, it’s not even on most employees’ radar unless they’re encouraged to put it there.
It’s important that employees know that it’s okay for them to seek help with security procedures or if they make a cybersecurity-related mistake. Just under 30% of employees fail to report cybersecurity mistakes out of fear. That’s not something any company can afford. In a healthy security culture, every employee should know who they can turn to if they have security questions and that they won’t get fired for asking questions or reporting problems. Unfortunately, that’s often not the case. Almost half (45%) of workers in a study said they didn’t know who to report a security incident to. Just closing that small gap can make a difference, reducing a company’s risk of trouble.
Go inside nation-state cybercrime to get the facts and learn to keep organizations safe from trouble! GET EBOOK>>
Decrease your clients’ risk with these solutions
It’s an indisputable fact: Cybersecurity awareness training works. Companies that engage in regular security awareness training have 70% fewer security incidents. They also enjoy a reduction in password problems, the cost of handling phishing incidents and even the business impact of a cyberattack.
Security awareness and compliance training plus phishing simulation
BullPhish ID is the ideal security and compliance awareness training solution for companies of any size. This powerhouse is the channel leader in phishing simulations.
- An extensive library of security and compliance training videos in eight languages
- Plug-and-play or customizable phishing training campaign kits
- New videos arrive 4x per month and new phishing kits are added regularly
- Easy, automated training delivery through a personalized user portal
If you’re already using BullPhish ID for security and compliance awareness training and phishing simulations, you’ll love our latest integration with Graphus: Advanced Phishing Simulations (Drop-A-Phish). This feature leverages the power of integration with Graphus to eliminate the need for domain whitelisting and ensure 100% campaign deliverability to end users when running phishing simulations. LEARN MORE>>
Dark web monitoring
Dark Web ID offers best-in-class dark web intelligence, reducing credential compromise risk.
- 24/7/365 monitoring using real-time, machine and analyst-validated data
- Fast alerts of compromises of business and personal credentials, including domains, IP addresses and email addresses
- Live dark web searches find compromised credentials in seconds
- Create clear and visually engaging risk reports
Automated, AI-powered antiphishing email security
Graphus is AI-enabled, automated email security that catches 99.9% of sophisticated phishing threats and offers amazing benefits.
- Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast.
- Cloud-native security harnesses machine learning to inform AI using a patented algorithm.
- 3 layers of powerful protection at half the cost of competing solutions
- Don’t waste time on fussy configurations or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance.
Make sure your clients have all the bases covered with the Computer Security To-Do Checklist! GET IT>>
Reserve your space now at the next Cybersecurity Roundtable on October 11 at 2 pm ET and join our experts to discuss today’s nastiest BEC schemes, why BEC is growing so fast and how you can protect your clients from trouble. REGISTER NOW>>
October 6-7: ASCII MSP Success Summit 2022 – Dallas REGISTER NOW>>
October 13: Cybersecurity Summit in Scottsdale REGISTER NOW>>
October 25: Security Suite Product Update Webinar REGISTER NOW>>
October 25-26: Southwest US Summit REGISTER NOW>>
November 2-3: ChannelPro SMB Forum 2022: Los Angeles REGISTER NOW>>
December 6: Connect IT Local – Atlanta REGISTER NOW>>
December 8: Connect IT Local – Miami REGISTER NOW>>
Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
ID Agent Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!