The Week in Breach News: 11/03/21 – 11/09/21
Canada’s biggest cyberattack ever disrupts Newfoundland and Labrador healthcare, ransomware is the real villain at Diamond Comic Distributors, phishing wreaks havoc at a defense contractor plus a look at the big benefits of high cyber resilience from the new 2021 IBM Cyber Resilient Organizations Study.
Learn how to defeat terrifying cybersecurity monsters to keep systems & data safe in a dark world! READ IT IF YOU DARE!>>
Diamond Comic Distributors
https://bleedingcool.com/comics/diamond-comic-distributors-targeted-by-ransomware-attack/
Exploit: Ransomware
Diamond Comic Distributors: Periodical Distributor
Risk to Business: 1.417= Severe
It’s a bird, it’s a plane, it’s a ransomware attack at Diamond Comic Distributors. The Baltimore-based company, the exclusive distributor of Image Comics and a publishing outlet for dozens of small-press comics publishers, suffered a ransomware attack last Friday that took down the company’s website and customer service platforms all weekend into Monday. Diamond said in a statement that it did not anticipate that any customer financial data had been impacted by this event. Investigation and recovery is underway with some functions already restored.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Ransomware can cost companies a fortune from operational disruption alone even if no data is snatched, not to mention incident response costs.
ID Agent to the Rescue: Learn more about how ransomware is evolving, what we predict that you’ll see next and how to protect your clients in Ransomware Exposed. GET THIS EBOOK>>
Electronic Warfare Associates (EWA)
Exploit: Phishing
Electronic Warfare Associates (EWA): Defense Contractor
Risk to Business: 1.822=Severe
A phishing attack that snared an employee is the suspected cause of a breach at defense contractor Electronic Warfare Associates (EWA). The company is a major provider of specialized software for the US defense establishment including the Pentagon, the Department of Defense (DoD), the Department of Justice (DoJ) and the Department of Homeland Security (DHS). EWA’s investigation determined that an attacker broke into an EWA email account in August 2021 after a phishing operation. The intrusion was uncovered when the attacker attempted a wire transfer. Employee PII was exposed and concern remains that sensitive defense information may also have been exposed.
Individual Risk: 1.703=Severe
EWA has admitted that the attackers snatched files with certain personal information including name and Social Security Number and/or drivers’ license number for an undisclosed number of EWA employees, but no further information was given.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Phishing is an equal opportunity offender and no less likely to be successful against the presumably cybersecurity savvy employees of a tech company as any other business.
ID Agent to the Rescue: Help your clients build a powerful defense against today’s top cybersecurity threat, phishing, with the knowledge and threat intelligence you’ll gain in our eBook The Phish Files. DOWNLOAD IT>>
Go inside the world of hackers and see how it really works with these true tales of cybercrime undercover operations! WATCH NOW>>
Newfoundland and Labrador Health
https://www.securitymagazine.com/articles/96481-canadian-healthcare-system-suffered-cyberattack
Exploit: Ransomware
Newfoundland and Labrador Health: Healthcare System
Risk to Business: 1.442=Extreme
What may be the largest cyberattack in Canadian history crippled the healthcare system of the province of Newfoundland and Labrador on October 30th. The suspected ransomware attack hit scheduling and payment systems, causing widespread interruptions in patient care including the cancellation of all non-urgent imaging and medical appointments well as a reduction in chemotherapy sessions and significant complications the province’s COVID-19 response. Eastern Health reported that their payment systems to suppliers and vendors were also targeted by the attack. Email and telephone capability has been restored in some locations and an investigation is ongoing.
Individual Impact: No information about the exposure of patient information was disclosed in this incident as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Healthcare has been beleaguered by cyberattacks, especially ransomware, since the start of the global pandemic.
ID Agent to the Rescue: Keep your clients away from sticky situations like this with the tips, insight and threat knowledge that you’ll gain from our eBook Ransomware 101. DOWNLOAD IT>>
Are you ready to fight back against cybercrime? See where 2021’s threats are coming from and what’s next. DOWNLOAD THE REPORT>>
Greece – Danaos Management Consultants
https://splash247.com/greek-shipowners-cyber-tricked-over-halloween-weekend/
Exploit: Hacking
Danaos Management Consultants: Maritime IT
Risk to Business: 1.615= Severe
Maritime clients who use the communication systems of Danaos Management Consultants found themselves without some communications capability after a cyberattack blocked their communication with ships, suppliers, agents, charterers and suppliers. Several Greek shipping companies were impacted. The incident also resulted in the loss of an unspecified amount of files and correspondence for the impacted shipping firms.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Cyberattacks have rocked the maritime world in 2021, with major attacks against the world’s four biggest shippers complicating the world’s supply chain woes.
ID Agent to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>
Germany – Media Markt
Exploit: Ransomware
Media Markt: Electronics Retailer
Risk to Business: 1.512= Severe
Electronics retailer MediaMarkt has suffered a ransomware attack that caused the company to shut down some IT systems, impacting store operations in Netherlands and Germany. While cash registers and payment card systems in brick-and-mortar locations were disrupted, online sales were not impacted. The attack was purportedly carried out by the Hive ransomware outfit who initially demanded $240 million in ransom.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Operational disruption from a ransomware attack is just as likely as data theft and sometimes even more damaging.
ID Agent to the Rescue Build cyber resilience with the Security Awareness Champion’s Guide by explaining complex risks in a fun way that will be memorable to employees! DOWNLOAD IT>>
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
Australia – mySA Gov
https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.html
Exploit: Hacking
mySA Gov: Government Services Platform
Risk to Business: 1.595 = Extreme
South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack. Officials went on to say that the hackers gained access to several mySA Gov accounts that were secured with recycled passwords. The department went on to say that there was no evidence of any unauthorized transactions on the impacted accounts while encouraging users to update their passwords.
Individual Risk: 1.595 = Extreme
A report from ABC says that 2,601 mySA Gov accounts were accessed in the attack, with 2,008 of them containing registration and licensing information. It is unclear if any information was exfiltrated.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Cybercriminals are always hungry for PII, especially identification card or passport data that can help them commit identity theft.
ID Agent to the Rescue That email looks legit, right? Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our new eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>
Dive into how to reduce your client’s risk of phishing fast with the tips in The Phish Files. DOWNLOAD NOW>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Are your clients really protected from cyberattacks? Our Cybersecurity Risk Protection checklist will tell you the truth! GET IT>>
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- Let’s Play Cybersecurity Fact or Fake
- Why is Identity and Access Management Suddenly in Vogue?
- 2021 Data Breaches Have Already Exceeded All of 2020
- What Horrors Could Emerge from Your User Graveyard?
- The Week in Breach News: 10/27/21 – 11/02/21
Kaseya Patch Tuesday: Patch notes & bug fixes for October 2021: SEE PATCH INFO>>
It’s Time to Start Thinking About Risk in 2022. These Webinars Can help.
Are you ready to determine the best way to secure your clients in 2022? These webinars can help frame your predictions.
NEW! Cyber Risks and Threats in 2021 with Rachel Wilson takes a look at what this year’s threat landscape tells us about what’s ahead. WATCH NOW>>
Modern Cyber Risk Management with Kirsten Bay, CEO of Cysurance explores the myths around cyber insurance and how it is changing. WATCH NOW>>
Owning the Dark Web with investigative journalist Geoff White dives into the dark web and looks at the future of cybercrime. WATCH NOW>>
Did You Miss…? Make sure you’re ready for anything with The Cybersecurity Monster Hunter’s Checklist. DOWNLOAD IT>>
Get the cheat codes to defeat cybercrime in our eBook The Security Awareness Champions Guide GET IT NOW>>
What Are the Benefits of High Cyber Resilience?
See How to Boost your Client’s Cyber Resilience Affordably
Building cyber resilience is coming into focus for smart organizations as cyberattack risk and frequency climbs for businesses. An estimated 80% of companies have faced an increase in the number of cyberattacks they’ve experienced in 2021. Increased attack frequency means companies must be prepared to continue operations under threat or while handling incident response or risk significant costly downtime. The new IBM Cyber Resilient Organizations Study 2021 sheds light on just how beneficial a high level of cyber resilience has been for many companies and provides insight on how to achieve it.
Are you ready to slay the Monsters of Cybersecurity? This checklist tells you what you’ll need to succeed! GET CHECKLIST>>
Over Half of Companies Had a Data Breach in the Last 12 Months
The IBM Cyber Resilient Organizations Study is done annually with independent research from the Ponemon Institute. This study is based on an annual global survey of more than 3,600 IT and security professionals in over 15 industries. In it, researchers measure the cyber resilience of the subject organizations to determine what security measures are most beneficial to the leaders. The survey also reports on the impact of security choices and cybersecurity maturity on the overall security of highly resilient organizations.
10 Statistics of Note from The IBM Cyber Resilient Organizations Study
- 67% of respondents said that the volume and severity of cybersecurity incidents that they’re facing increased in the past 12 months
- 51% of survey respondents said they sustained a data breach over the last 12 months
- 46% of companies experienced at least one ransomware attack over the past two years
- 61% of organizations surveyed have had a ransomware attack in the last two years and paid the ransom
- 83% of organizations that experienced a ransomware attack in the last two years had threat actors demand a ransom of over $1 million
- 35% reported their organizations have adopted a zero-trust approach
- 66% of respondents said their organization uses a zero-trust approach cited their top reason as improving operational efficiency
- 26% of respondents reported their organizations have cybersecurity incident response plans that are applied consistently across the entire enterprise
- Only 51% reported that their organizations had a specific response plan for ransomware
- 65% agreed that a zero-trust strategy strengthens cyber resiliency
Zero Trust security is a piece of cake when you’re sure you’re giving access to the right people at the right levels. SEE HOW TO DO IT>>
Continued Ransomware Challenges
Ransomware has been a top cybersecurity villain for years. It’s been especially pernicious in the last two years. Every organization’s IT team is aware that they need to have a ransomware defense strategy on the table because it is only a matter of time before they’re in a ransomware gang’s sights. But many IT professionals are still facing significant challenges in securing their organizations against ransomware as attacks and ransoms grow.
A solid 46% of organizations reported that they’ve experienced one or more ransomware attacks in the last two years. The study also breaks down exactly how that ransomware arrived at victimized organizations. Of organizations that sustained at least one attack, four major causes represented the catalyst for most events.
- 45% from phishing or social engineering
- 22% from insecure or spoofed websites
- 19% from social media
- 13% from malvertisements
Ransom amounts are also in a consistent upward trajectory. Only 35% of the impacted organizations in this study reported that their ransom demand was less than $2 million. Instead, the majority (46%) said that cybercriminals demanded ransoms of $2 – 10 million from their organizations and 19% reported a ransom demand of $10 million to more than $50 million.
Is Your Password a Zero or a Hero? Learn the difference and how you can strengthen yours in Build Better Passwords. GET IT>>
Adopting Zero-Trust Security
Zero-trust security has been a hot topic, especially in light of rulemaking by the US federal government to move agencies and government contractors into a zero-trust framework in response to a spate of damaging high-profile infrastructure and supply chain attacks that sometimes included nation-state threat actors in 2021. The Colonial Pipeline incident and the subsequent outcry was a major catalyst for action at both the federal and state level. Cybersecurity legislation is on the agenda in every state legislature and congress, and many of those proposals include zero-trust elements.
The Cyber Resilient Organizations Study has previously reported on the benefits of zero-trust security. This year, researchers took another look at how using a zero-trust approach to security benefits businesses and reduces risk, specifically by boosting their cyber resilience. Those findings showed that 35% of respondent organizations said that they have already adopted a zero-trust security strategy. Of that group, 65% agreed that zero-trust security fundamentally strengthens cyber resilience. That’s a great idicator that increased cyber resilience is a useful goal when looking ant big-piture ways to avoid a costly data breach.
Why Are Companies Adopting Zero-Trust?
- 66% said to improve operational efficiency
- 63% to reduce security risks
- 38% said for better IT team support
- 34% said to reduce costs
- 23% said for a competitive advantage
- 4% cited other reasons like regulation
We’re invested in your success! Learn about best-in-class marketing & sales support from Kaseya Powered Services. WATCH NOW>>
What Leaders Are Doing & How to Follow Them
Taking a look at what the leading organizations in the survey are doing to achieve high cyber resilience is important to determine exactly what benefits businesses get from building their cyber resilience. It also opens a window into the security mindset of leading organizations. There have been a few changes from 2020’s results that are evident in the 2021 survey as businesses have grappled with the volatility of today’s threat landscape.
What Are Leaders Considering?
- 66% of 2021 leaders say that security automation and AI are important, up slightly from 63% in 2020
- 60% recognize that cyber resilience impacts a company’s revenue, up from 56% in 2020
- 41% say that cyber resilience impacts brand value and reputation, down from 46% in 2020
- And new this year, 41% of leaders are regularly assessing third-party risk
IBM also lays out a series of recommendations to improve cyber resilience:
- Create and test incident response plans: comparison research shows that regularly updating and reviewing incident response plans was a key reason why cyber resilience improved for 47% of high performers. IBM recommends developing both enterprise-wide CSIRPs and threat-specific incident response plans as well as drilling them regularly.
- Protect your critical databases: 52% of the survey respondents ranked leakage of high-value information assets as a key measure of severity in data breach incidents. Developing a comprehensive data security strategy is suggested to help organizations reduce risk.
- Keep systems running with advanced protection from cyberthreats: 47% of the companies surveyed ranked data center downtime as a key measure of severity. The report points to proactive threat management with a zero-trust approach as a good way to avoid system downtime.
- Speed up analysis with AI and threat intelligence: 47% of respondents cited diminished productivity of employees as a measure of severity in security incidents. More advanced analytics and automated workflows are pointed out as processes that can give teams time back for threat investigation.
- Break down silos and increase visibility: High-performing organizations said that the inability to reduce silos (87%) and lack of visibility into applications and data assets (74%) were their top two blockers when it comes to improving their cyber resilience. Researchers say that an open platform that fosters integrations between technology can help unite disjointed processes and data and provide broad visibility.
- Implement a patch management strategy: Delay in patching vulnerabilities is always a security bugbear, and 59% of average respondents cited it as a major reason why their organization’s cyber resilience didn’t improve. IBM suggests a formal vulnerability management program to help cybersecurity teams proactively identify, prioritize and remediate the vulnerabilities that threaten critical assets.
90% of MSPs have had clients hit with a ransomware attack in the last 12 months. Help your clients build stronger defenses with the insight in Ransomware Exposed! DOWNLOAD NOW>>
Improve Your Clients’ Cyber Resilience Quickly & Affordably with ID Agent Solutions
Improving cyber resilience for your clients is easy and affordable with solutions from ID Agent. It’s also an excellent way to lay the foundation for a zero-trust strategy that boosts defense against threats like ransomware.
Passly combines the IAM tools your clients need to start building cyber resilience need into one package including single sign-on (SSO), multifactor authentication (MFA), automated password resets and simple remote management.
BullPhish ID helps your clients reduce their cyberattack risk by up to 70% with security awareness training that’s painless for everyone. Choose from a huge library of videos and phishing simulations that can be customized..
Dark Web ID discovers your clients’ compromised credentials in minutes. Guard against new compromises and gain protection from supply chain risk with 24/7/365 credential monitoring.
Contact the solutions experts at ID Agent today to learn more about how the ID Agent digital risk protection platform can enable you to secure your business and your customers against ransomware threats.
Don’t let cybercriminals put the brakes on your client’s race to success. Boost your cyber resilience to keep your engine running in any conditions. LEARN MORE>>
Nov 10: WEBINAR: The Darkest Web: IT Security and the Best Ways to Lose a War with Ben Hammersley REGISTER NOW>>
Nov 16: WEBINAR: Cybersecurity Jeopardy REGISTER NOW>>
Nov 17: WEBINAR: Nano Session #2: Start Selling and Delivering Security Awareness Training REGISTER NOW>>
Nov 17: WEBINAR: Cybersecurity Attacks Demystified for MSPs REGISTER NOW>>
Dec 07: Connect IT Local: Atlanta REGISTER NOW>>
Dec 08-09: ASCII Success Summit: Anaheim REGISTER NOW>>
Dec 09: Connect IT M&A Symposium: Miami REGISTER NOW>>
Are you ready to take back control of cyberattack risk from the villains on the dark web? This webinar shows you where to start. WATCH NOW>>
Why You Should Build Your Cyber Resilience
Cyberattack threats are headed for your business. In the recent IBM Cyber Resilient Organizations Study 2021, researchers reported that 67% of respondents said that the volume and severity of cybersecurity incidents that they’re facing has increased in the past 12 months. With the pace so high, you can’t afford to put your business operations on hold while you pivot to incident response. That’s why you need to make sure that you’re building a cyber resilient organization that can keep on chugging in adverse conditions.
One of the most impactful ways that you can build your cyber resilience is by choosing a zero-trust approach to your company’s security. When researchers asked the leading businesses in the survey about the benefits of zero-trust security, 65% said that zero-trust security has fundamentally strengthened their cyber resilience.
Zero-trust security architecture is also the model that the US federal government is moving toward, and elements of that strategy will be required for federal contractors in the near future. Start your journey to a cyber-resilient zero-trust security model by implementing identity and access management (IAM) with s a solution like Passly. Multifactor authentication, a feature of IAM solutions, is a foundational element of zero-trust security as well as a smart choice to immediately improve your company’s cyber resilience.
Do you have comments? Requests? News tips? Compliments? Complaints 9or compliments)? We love to hear from our readers! Send a message to the editor.
ID Agent Partners: Feel free to reuse this post (in part or in its entirety) When you get a chance, email [email protected] to let us know how our content works for you!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!