The Week in Breach News: 10/20/21 – 10/26/21

---

Ransomware becomes a TV star at Sinclair Broadcast Group, cybercriminals bring tricks and no treats to candymaker Ferrara Candy Company and how cyberattack stress impacts consumers, customers and employees.

---

---

---

Sinclair Broadcast Group

https://thecyberwire.com/newsletters/week-that-was/5/42

Exploit: Ransomware

Sinclair Broadcast Group: Television Station Operator 

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Locking down networks and production lines to cause operational disruption is the name of the game for many ransomware groups in order to force a speedy ransom payment.

ID Agent to the Rescue: Learn more about how ransomware is evolving, what we predict that you’ll see next, and how to protect your clients in Ransomware Exposed. GET THIS EBOOK>> 

---

Ferrara Candy Company

https://www.forestparkreview.com/2021/10/22/candy-production-impacted-by-ransomware-attack/ 

Exploit: Ransomware

Ferrara Candy Company: Candy Manufacturer

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Manufacturers have been increasingly falling into cybercriminals’ sights, especially at peak times in their respective industries.

ID Agent to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>> 

---

United States – CoinMarketCap

https://www.cryptodaily.co.uk/2021/10/CoinMarketCap-Data-Breach-Leaks-3-1-M-Email-Addresses

Exploit: Hacking

CoinMarketCap: Cryptoasset Tracker

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. So far it’s only an email address list, no other information.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Attacks on the banking, crypto and fintech sectors have been growing, creating complications for every financial services organization.

ID Agent to the Rescue:  See how to transform every employee into a security asset to become the real secret weapon that successful organizations deploy to fight cybercrime like phishing! WATCH NOW>>

---

---

---

United Kingdom – Tesco

https://www.bbc.com/news/business-59027423

Exploit: Hacking

Tesco: Supermarket Chain

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Cyberattacks can come from myriad sources but they all cause companies to lose revenue and suffer a negative impact on customer relationships.

ID Agent to the Rescue: Gamify cybersecurity and information safety to make it interesting. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way! DOWNLOAD IT>>

---

Switzerland – MCH Group

https://portswigger.net/daily-swig/swiss-exhibitions-organizer-mch-group-hit-by-cyber-attack 

Exploit: Ransomware

MCH Group: Event Management

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Service providers have been popular targets for cyberattacks because they often maintain databases that will score a big payday for cybercriminals on the dark web.

ID Agent to the Rescue Over 80% of organizations felt the sting of cybercrime in 2020. See what cybercriminals are shopping for to better predict what will happen next in The Global Year in Breach 2021. READ IT>>

---

Spain – Atento

https://www.zdnet.com/article/customer-services-firm-atento-hit-by-cyberattack/

Exploit: Hacking

Atento: Customer Service Center Operator

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Brazil has been experiencing an uptick in cyberattacks in recent months including insurers, retailers and other businesses that store a large volume of data.

ID Agent to the Rescue Horrors like ransomware lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our new eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>

---

Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>

---

---

Thailand – Centara Hotels & Resorts

https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/ 

Exploit: Hacking

Centara Hotels & Resorts: Hotel Chain

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Computer hardware manufacturers have been very attractive to hacers as teh chip shortage grinds on, putting pressure on the industry, something cybercriminals love to exploit.

ID Agent to the Rescue See how industry trends ans stressors impact the cybercrime landscape in our annual cybercrime report The Global Year in Breach 2021. DOWNLOAD IT NOW>>

---

---

---

---

---

---

Go Inside the Ink to Get the Inside Scoop on Cybercrime

---

Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:

• How Attractive is Your Business to Ransomware Gangs?
• What is Your Phishing Risk?
• Phight the Phish: 1 in 4 Companies is at Risk of a Phishing-Related Data Breach
• 10 SMB Cybersecurity Facts that MSPs Need to Know About Attitudes & Purchasing
• The Week in Breach News: 10/13/21 – 10/19/21 

Kaseya Patch Tuesday: NEW! Patch notes & bug fixes for October 2021 are up: SEE PATCH INFO>> 

---

---

The Web is Dark and Full of Terrors!

Use these resources to help your clients ward off danger from today’s nastiest cybersecurity nightmares!

Monsters of Cybersecurity – Learn to defeat cyberattack horrors keep your clients’ systems and data safe from harm. DOWNLOAD IT>>

The Cybersecurity Monster Hunter’s Checklist – Don’t leave an opening for evil cybercriminals to slip through! DOWNLOAD IT>>

IT Cybersecurity Certification Digital Risk Masterclass – Gain a credential that validates your expertise to clients and prospects! WATCH NOW>>

---

Did You Miss…?  See what’s next at ID Agent in our Quarterly Product Update! WATCH NOW>>

---

---

---

---

No company ever wants to experience a cyberattack, let alone ride the roller-coaster of incident response and recovery. But an increasing number of companies are finding themselves on that path as cybercrime numbers reach new records. But when businesses consider the cost of a cyberattack, they may not be considering costs that are harder to quantify like damaged consumer sentiment, reduced new business prospects and lowered employee performance. Yet these factors could have a serious impact on a company’s future in the wake of a cyberattack. 

---

---

Damaged Consumer Sentiment & Reduced Business Prospects

---

Cybersecurity has been a hot topic at news organizations as cyberattacks rock major companies bringing the prospect of a cyberattack affecting them much closer to home for consumers. In just the past 12 months, incidents like the Colonial Pipeline attack and the massive US Federal government hack have brought the danger that comes from cybercrime into focus – and everyone is paying attention. 

 In an online survey of 2,500 adults in the US and Canada conducted in July 2021 by research firm Opinion Matters, it was clear that news of cyberattacks is having a negative impact on consumers and how they feel about businesses who fall victim to them. Researchers found that when asked about how cybersecurity events impacted them, seven in ten respondents said news of data breaches caused them stress. Digging deeper, the researchers found that 64% of respondents said that reading or seeing coverage of ransomware attacks in the news has left them feeling stressed.  

The potential that they may be impacted when a company that they do business with experiences a cybersecurity incident like a data breach was ranked as one of life’s top stressors for many respondents. Almost 40% of respondents indicated that that having their bank account compromised in a cyberattack would be more stressful than losing their employment. The amount of exposure that consumers have to cybersecurity incidents that impact their lives at businesses, non-profits, government agencies and other targets has nearly doubled as well as data breach numbers continue to escalate. Cybersecurity incidents had been experienced by nearly half of all respondents within the past two years, compared to 28% in 2019.   

---

---

The results of a recent poll by The Pearson Institute and the Associated Press-NORC Center for Public Affairs Research. Make it clear that consumers are also paying attention to how companies are handling and protecting their personal information. That study’s research shows that 9 in 10 Americans are at least somewhat concerned about hacking that involves their personal information, financial institutions, government agencies or certain utilities, and an estimated two-thirds say they are very or extremely concerned about their personal and financial information being compromised a data breach.  

Consumers also believe that businesses don’t really care about protecting their data or client records and they’re not happy about it. A study by Arcserve shows that 70% of consumers believe businesses aren’t doing enough to ensure cyber security including protecting their personal information and building a strong defense against cyberattacks. That lack of consumer confidence is reflected in the fact that consumers clearly do not want to do business with companies that fall victim to a cyberattack. Nearly 2 out of every 3 consumers would likely avoid doing business with an organization that had experienced a cyberattack in the past year. 

---

---

Reduced Employee Performance & Elevated Burnout 

---

While it may seem obvious that security challenges or cyberattacks would add stress to an organization’s workforce, it may not be as obvious just how bad that stress and burnout can really be. Burnout is a real medical issue, recognized by authorities worldwide as a big problem. The World Health Organization delineates some of the symptoms of burnout as symptoms as “feelings of energy depletion or exhaustion,” “increased mental distance from one’s job”, or “feelings of negativism or cynicism related to one’s job,” and “reduced professional efficacy.” Sound familiar? It does for far too many IT workers.

Cybersecurity-related stress reaches deep into organizations, squeezing the life out of teams that are essential to a company’s success and preventing progress. That stress isn’t limited to security teams either. Everyone in IT is liable to be feeling the pinch of stress and employees don’t feel confident that their employers are interested in doing anything to help them. Almost 70% of professionals said their employers were not doing enough to prevent or alleviate burnout according to Deloitte’s Workplace Burnout Survey, with almost 80% saying that they’ve experienced burnout at their current job.  

---

---

That’s because IT teams are stressed about cybersecurity all the time, not just when an incident happens. The stress of cybersecurity problems is causing burnout to hit IT teams hard. VMware’s 2021 Global Incident Response Threat Report found that 51% of surveyed security professionals experienced extreme stress or burnout over the past 12 months. The additional pressures on IT teams to rapidly rollout work from home capability for every employee in their organization during the global pandemic has only made that problem worse. In the same VMware report, 65% of cybersecurity professionals said they have considered leaving their job because of this added stress.   

The ongoing chronic cybersecurity skills shortage is also not helping the cause. In an August 2021 White House summit for technology leaders, cybersecurity was the focus, and the skills shortage was front and center. Administration officials pointed to the estimated 500,000 open cybersecurity positions in the US as a major contributor to elevated risk for everyone.  An estimated 63% of organizations are experiencing a shortage of IT staff dedicated to cybersecurity. That’s feeding the vicious cycle of stress that is impacting security teams. According to (ISC)2, nearly 60% of global organizations said their companies are at moderate or extreme risk of cyberattacks due to this skills shortage.   

One major resource most companies cannot afford to lose in the midst of a cybersecurity skills shortage is any personnel maintaining their Security Operations Center (SOC). Unfortunately, that’s a place that has been walloped by stress from escalating threats like an explosion in business email compromise and soaring ransomware risk that have created a huge amount of work with very few hands to help carry the load. In a Ponemon Institute survey, almost two thirds of SOC professionals say that they’ve thought about quitting their jobs in the last year due to unrelenting stress. Stress and burnout are impacting security operations at every level. Over 90% of CISOs also say they suffer from moderate or high stress and for almost a quarter of them their stress impacts their ability to do their job.  

---

---

How to Reduce Burnout 

---

These tips can help you and your clients educe burnout and improve performance for IT personnel.  

• Allow flexible work hours – Being flexible about hours can alleviate stress from employees who are also juggling their responsibilities as caregivers, parents and students with less help tha the pre-pandemic era.
• Offer hybrid work arrangements -Many employees are grappling with pandemic-induced shortages in childcare availability or changes in medical treatment scedules for chronic illnesses, ratcheting up pressure
• Encourage people to use their leave – Making it hard for employees on overstretched teams to take days off only makes the problem worse. Well-rested employees do better work.
• Listen to employee concerns – Don’t just dismiss employee complaints as whining. You may discover that some of your staff’s biggest issues have quick fixes that alleviate stress and increase employee satisfaction. 
• Don’t cut corners on tools – Budgets are tight, but forcing your IT team to work with outmoded solutions only increases their stress and your cyberattack danger 
• Increase investment in automation – Adding automated security tools not only reduces your staff’s stress it also immediately boosts your security. 

---

---

Increase Security & Reduce Burnout with Security Automation 

---

Security automation is the way of the future for several reasons, but one of the biggest is that it keeps systems and data safer. Security automation improves the performance of your SOC, increasing caseload capacity by 300% or more while reducing trouble tickets by about 80% according to experts at IBM. 

So how can you and your customers start benefitting from security automation? Make use of the automation capabilities available now in each of our digital risk protection solutions.

• Dark Web ID – Enjoy automated deployment in minutes, with no additional hardware or software to install. Painless integrations with multiple PSA systems including Kaseya’s own BMS ensures automated data sharing for a fast, frictionless alerting and mitigation process, so you never miss a security event. Plus, Dark Web ID seamlessly integrates with other tools across Kaseya’s portfolio, making it easy for MSP technicians to manage them together.
• BullPhish ID – Automate training to make it even easier to manage. Deploy campaigns fast with plug-and-play kits and have content delivered automatically through brandable portals on a pre-determined schedule. Then have all of the reports that you need to demonstrate the value of training to your clients automatically generated.
• Passly – This is the process automation that will make every security team happy. Wave goodbye to trouble tickets for password resets because they’ll be automated. An average MSP that serves 1300 users wastes around $9350 each year just managing password reset tickets and you have better things to do with that money.

---

---

---

Oct 27: Modern Cyber Risk Management REGISTER NOW>>

Oct 27-28: ASCII Success Summit: Orlando REGISTER NOW>>

Oct 28: Trick or Treat Virtual Event REGISTER NOW>>

Oct 28-29: Robin Robins Road Show: Chicago REGISTER NOW>>

Nov 02-03:Robin Robins Road Show: Las Vegas REGISTER NOW>>

Nov 02-03: ASCII Success Summit: Washington DC REGISTER NOW>>

Nov 4: Cyber Risks and Threats in 2021 REGISTER NOW>>

Nov 06 – 10: 20th Annual TAG Convention REGISTER NOW>>

Dec 07: Connect IT Local: Atlanta REGISTER NOW>>

Dec 08-09: ASCII Success Summit: Anaheim REGISTER NOW>>

Dec 09: Connect IT M&A Symposium: Miami REGISTER NOW>>

---

---

---

Is Stress Impacting Your Business Security?

---

We’ve all been through some tough times in the last year, and that’s ratcheted up stress at home and at work. Unfortunately, that’s not just a factor that impacts your company’s efficiency and performance, Stress and burnout also play a big role in the state of your company’s cybersecurity. 

For the last few years, the cybersecurity sector has been grappling with the problem of an increasing cybersecurity skills shortage. Just last month, federal officials disclosed that there are an estimated 500,000 unfilled existing cybersecurity jobs. That means every team is trying to more work with fewer hands to carry the load. 

So how can businesses reduce stress on their cybersecurity teams while increasing their overall security? By increasing their investment in security automation. In an IBM report, researchers noted that automation reduces stress on security teams by decreasing trouble tickets and increasing efficiency while improving a company’s cyber resilience, an important measure of your company’s ability to resist cyberattack damage. 

Today’s leading security solutions include automated elements that will give your business an edge over stress as well as cybercrime. Why file password reset tickets when a solution like Passly handles it automatically? Set it and forget it when you automate your security awareness training program with a solution like BullPhish ID. Make it a priority to see how security automation can benefit your business and your employees.   

---

ID Agent Partners: Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Please send an email to [email protected] to let us know – we love to hear about how our content works for you!

---

---

---

---