
The Week in Breach News: 12/06/23 – 12/12/23

December 13, 2023

This week: A ransomware hit knocks out an Irish water utility for days, a Nissan data breach, seven new phishing resistance training kits in BullPhish ID and mitigating the biggest digital risk businesses face.





Austal USA 

https://www.bleepingcomputer.com/news/security/navy-contractor-austal-usa-confirms-cyberattack-after-data-leak/

Exploit: Hacking

Austal USA: Shipbuilder


Risk to Business: 1.617 = Severe

A major shipbuilder that holds contracts with the U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS) has fallen victim to a ransomware attack. The cybercrime group Hunters International is claiming the hit on Austal USA, a subsidiary of the Australian shipbuilder Austal. The company reported that no personal or confidential data was compromised as a result of the incident. Hunters International has exposed some of the company’s proprietary data on its data leak site and claims to have more of that data including finance information, recruiting details, engineering data, certifications and compliance files. No ransom demand has been made public. 

How It Could Affect Your Customers’ Business: Companies like this hold sensitive military technology data, such as schematics and other information about operational technology.

Kaseya to the Rescue: An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast. This checklist helps you find the right one. DOWNLOAD IT>>


Henry County Schools

https://therecord.media/schools-maine-indiana-georgia-ransomware

Exploit: Ransomware

Henry County Schools: School District


Risk to Business: 1.691 = Severe

Ransomware continues to be the bane of schools and school districts. Attacks hit school systems in several U.S. states including Maine, Indiana and Georgia. Henry County Schools, a Georgia school system, disclosed last week that it discovered suspicious activity impacting its network operations during the first week of November. School officials were quick to reassure the public that the hackers did not breach sensitive student and employee systems, contending that the hackers were only able to access a “file storage area containing mostly historical procedural documents.” The school system has since restored all systems and functions impacted by the cyberattack, which remains under investigation by law enforcement. 

How It Could Affect Your Customers’ Business: The education sector is the top target for ransomware attacks, and schools need to plan their defenses accordingly.

Kaseya to the Rescue:  Learn how Datto EDR with Ransomware Rollback helps organizations including schools recover from ransomware faster. REGISTER NOW>> 


Greater Richmond Transit Company (GRTC)

https://therecord.media/central-va-transit-system-cyberattack

Exploit: Hacking

Greater Richmond Transit Company (GRTC): Public Transportation System


Risk to Business: 2.703 = Moderate

The Greater Richmond Transit Company (GRTC), the operator of public buses and specialized transportation services for the Richmond, Virginia area, said last week that it had been the victim of a cyberattack. The Thanksgiving weekend attack temporarily knocked out part of the transportation system’s network and impacted some services. An official said that those services have since been restored and schedules are back to normal. 

How It Could Affect Your Customers’ Business: Critical infrastructure that is at risk for ransomware isn’t just limited to defense, utilities and manufacturers.

Kaseya to the Rescue: See how security awareness training helps keep cybersecurity threats from becoming cybersecurity disasters. DOWNLOAD INFOGRAPHIC>>


Norton Healthcare

https://www.cybersecuritydive.com/news/norton-healthcare-ransomware-attack/702140/

Exploit: Ransomware

Norton Healthcare: Health System


Risk to Business: 1.840 = Severe

Kentucky health system Norton Healthcare has filed a data breach notification with the Maine Attorney General’s Office disclosing that it experienced a data breach in May 2023 as the result of a ransomware attack. Norton Healthcare said that the intrusion was discovered on May 9. Norton Healthcare said that threat actors had access to some of its network storage devices between May 7 and 9, but its medical record system was not compromised. An investigation determined that an estimated 2.5 million people had data exposed in this incident including patients’ names, contact information, Social Security numbers, dates of birth, health and insurance information and medical ID numbers.  

How It Could Affect Your Customers’ Business: Healthcare companies benefit from investing in powerful defensive solutions instead of chancing regulatory fines.

Kaseya to the Rescue:  Learn more about the various types of ransomware and get tips to mitigate ransomware risk in Ransomware 101. DOWNLOAD IT>> 


HTC Global Services

https://www.cshub.com/attacks/news/iotw-htc-confirms-cyber-attack-as-blackcat-ransomware-gang-teases-stolen-data

Exploit: Ransomware 

HTC Global Services: Business Services


Risk to Business: 1.673 = Severe

The notorious ALPHV/BlackCat ransomware group claims to be behind a likely ransomware attack on business digital transformation service provider HTC Global Services. The gang leaked a sample of the data it purportedly stole to its dark web leak site including images of passports, contact lists, emails and confidential documents. Experts believe that the attack vector was a zero-day Citrix Bleed vulnerability that was discovered in October but may have been active as early as August 2023.

How it Could Affect Your Customers’ Business: The rapid digital evolution of the way that we do business means that cybercriminals will continue to find new zero-day exploits at a brisk pace. 

Kaseya to the Rescue:  This infographic shows you the benefits businesses gain by choosing a managed security operations center instead of building their own. DOWNLOAD IT>> 


The City of Huber Heights, Ohio

https://www.govtech.com/security/extent-of-damage-in-huber-heights-cyber-attack-unknown

Exploit: Ransomware

The City of Huber Heights, Ohio: Municipal Government


Risk to Business: 1.736 = Severe

The city government of Huber Heights, Ohio says that it is still working to determine the extent of the damage from a cyberattack that started three weeks ago. The BlackSuit ransomware gang claims to be behind the hit. It says it has released a 129-GB file of the city’s data. The attack was initially discovered on November 12. All city agencies and services are fully operational; however, some are still operating on temporary devices while the city’s IT infrastructure is restored.  

How it Could Affect Your Customers’ Business: Bad actors hit governments and government agencies frequently in the hope of getting paid fast if services are knocked out.

Kaseya to the Rescue: Every organization, even a government, needs to be ready for trouble with an incident response plan in place. This checklist can help. DOWNLOAD CHECKLIST>>





Ireland – Binghamstown/Drum Water Scheme 

https://westernpeople.ie/news/hackers-hit-erris-water-in-stance-over-israel_arid-4982.html

Exploit: Hacking (Hacktivism)

Binghamstown/Drum Water Scheme: Utility


Risk to Business: 1.239 = Extreme

180 homes and businesses in the area around Erris in northwestern Ireland were left without water for several days last week after a politically motivated cyberattack on their water distribution system. The bad actors said that the community’s water station was targeted because the equipment inside was made by Eurotronics, a company based in Israel that is a major supplier of water pumping technology. The water was restored last Friday night. Government officials are assisting in the investigation of the incident. 

How it Could Affect Your Customers’ Business: A cyberattack can hit any target, big or small, at any time for a variety of reasons so it is best to be prepared for it.

Kaseya to the Rescue: Learning about the cyberattack trends and business cybersecurity challenges we followed in 2023 gives IT professionals a valuable edge against cybercrime in 2024. READ THE REPORT>>





Japan – Nissan

https://therecord.media/nissan-australia-new-zealand-cybsecurity-incident

Exploit: Hacking

Nissan: Carmaker


Risk to Business: 2.823 = Moderate

Nissan is warning its customers in Australia and New Zealand that their personal information may have been exposed as the result of a cyberattack on the carmaker. Nissan has not offered specifics about the likely stolen data, simply posting a notice on its regional website warning customers in Australia and New Zealand to be on guard for possible scams and phishing attempts. Nissan also said that it has notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre of the incident.

How it Could Affect Your Customers’ Business: Even basic personal information may have value to cybercriminals and identity thieves.

Kaseya to the Rescue: This checklist can help businesses determine if they’re making all the right moves to prevent email-based cyberattacks. DOWNLOAD IT>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident





Presenting 7 new & updated phishing simulation kits!


We’ve just added seven new and updated phishing simulation kits in BullPhish ID. Run these now to keep users on their toes through the dangerous holiday season!

  • OneDrive Document Invite
  • SharePoint Remote Work Policy
  • Office 365: Employee Benefits Package
  • MyKaplan Special Offer
  • PayPal: Fraudulent Activity
  • Schedulicity – Important Message
  • Staples: Invoice Request

Learn more about these new phishing simulation kits in the Release Notes!





The Educator’s Guide to Cybersecurity  


A successful cyberattack can wreak havoc on a K-12 school or school district. However, non-tech stakeholders like educators and faculty may not understand the importance of investing in cybersecurity. In The Educator’s Guide to Cybersecurity, we explain:

  • Cyberattacks in easy-to-understand language
  • Why cybersecurity matters for K-12 schools
  • Steps schools and school districts can take to bolster their security
  • MSPs: This is a great eBook to send to your education sector clients!

DOWNLOAD IT NOW>>

Did you miss… The 2023 edition of The Guide to Reducing Insider Risk DOWNLOAD IT>>





 The Biggest Cybersecurity Threat That Businesses Face? Employees


Cybersecurity is a fast-paced and complex world that brings a variety of challenges to businesses. Many of those challenges have something in common: they’re caused by the people who work for the business. Even if they don’t intend to harm the organization, employees can carelessly do things that damage or subvert security, like mishandling data or falling for a phishing trick. As detailed in our Kaseya Security Survey Report 2024, we saw one theme pop up again and again – the biggest cybersecurity challenge that businesses face today is people.





When considering the IT security challenges that respondents anticipate encountering in the next year, no single challenge outstripped the rest of the pack. What is interesting is that four of the top five security management challenges our respondents selected are people-based challenges: human error (20%), IT and security skills (18%), insider risk (15%) and security awareness training (11%). An increase in security awareness training and strong security policies can mitigate some of these risks. 

What do you anticipate will be your top security management challenge in the next 12 months?  

| Challenge | Response |
| --- | --- |
| Human error | 20% |
| IT and security skills | 18% |
| Insider risk | 15% |
| Budget | 13% |
| Security awareness training | 11% |
| Building a security culture | 9% |
| Staffing | 6% |
| Supply chain risk | 6% |
| Other | 1% |

Source: Kaseya Cybersecurity Survey Report 2024 




Businesses face a wide array of cybersecurity issues 


There is no clear leader in the list of cybersecurity issues that businesses have experienced. In fact, the top three challenges are nearly tied. Phishing tops the list of security issues that respondents have encountered (41%), followed closely by viruses (39%) and endpoint threats (39%). More than half of our respondents have also had to contend with a dangerous cyberattack like ransomware or business email compromise at some point (58%).

Which of the following cybersecurity issues have impacted your business?  

| Issue | Response |
| --- | --- |
| Phishing messages | 41% |
| Computer viruses | 39% |
| Endpoint threats detected | 39% |
| Personal information or credential theft | 34% |
| Business email compromise (BEC) | 31% |
| Ransomware | 27% |
| Supply chain attack | 18% |
| None | 4% |

 Source: Kaseya Cybersecurity Survey Report 2024 

In terms of challenges experienced in the past 12 months, the picture shifts a touch, with the top three issues the same but experienced slightly differently by our survey respondents.  

Which of the following cybersecurity issues have impacted your business in the past 12 months?  

| Issue | Response |
| --- | --- |
| Phishing messages | 37% |
| Endpoint threats detected | 33% |
| Computer viruses | 33% |
| Personal information or credential theft | 29% |
| Business email compromise (BEC) | 26% |
| Ransomware | 24% |
| Supply chain attack | 16% |
| None | 7% |

Source: Kaseya Cybersecurity Survey Report 2024 




Lack of training causes major headaches


Companies and security teams constantly grapple with an array of challenges that can be hard to pin down. When asked about the top three reasons behind their cybersecurity issues, lack of cybersecurity training was the top overall culprit. More than half of respondents (53%) reported that the lack of end-user or administrator training was a major reason behind their cybersecurity issues.  

What are the top three root causes of your cybersecurity issues?  

| Issue | Response |
| --- | --- |
| Lack of end-user cybersecurity training | 28% |
| Lack of defense solutions (antivirus) | 28% |
| Insufficient security support for different types of user devices | 26% |
| Lack of administrator cybersecurity training | 25% |
| Lack of executive buy-in for adopting security solutions | 22% |
| Lack of funding for IT security solutions | 21% |
| Lost or stolen employee credentials | 17% |
| Poor user practices/gullibility | 15% |
| Open Remote Desktop Protocol (RDP) access | 13% |
| Outdated security patches | 13% |
| Shadow IT | 11% |
| Weak passwords or access management | 10% |
| We have not experienced a cybersecurity incident | 7% |

 Source: Kaseya Cybersecurity Survey Report 2024 





Security awareness training that includes phishing simulations is a powerful and cost-effective strategy for mitigating short-term and long-term digital risks. Employees can’t avoid data handling mistakes or recognize phishing scams that they don’t know about – and without training, they will unwittingly do things that negatively impact security. Security awareness training is an investment, but that investment is richly rewarded. These major security benefits are priceless.  

  • Companies that engage in regular security awareness training have 70% fewer security incidents.    
  • Security awareness training improves phishing awareness by an estimated 40%.  
  • A corporate data security training program saves businesses an average of $2.54 million in costs.    
  • Overall security-related risks are reduced by 70% when businesses invest in cybersecurity awareness training.  
  • 93% of employees said that well-planned employee training programs positively affect their level of engagement in security practices.

Organizations that are in the market for an efficient and effective security awareness training solution with automated features that make administration easy should consider BullPhish ID. Security awareness training as well as phishing simulation with BullPhish ID is highly effective and affordable, making it an accessible security measure for a broad spectrum of organizations and enabling businesses of every size to fortify their defenses against the ever-evolving panoply of digital threats businesses face every day. LEARN MORE>>


Find the solutions you need to prepare for 2024’s challenges in Kaseya’s Security Suite


Kaseya’s Security Suite has the tools that IT professionals need to mitigate cyber risk effectively and affordably, featuring automated and AI-driven features that make IT professionals’ lives easier. 

BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.    

Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.   

Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.     

Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.     

Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).     

Vonahi Penetration Testing – How sturdy are your cyber defenses? Do you have dangerous vulnerabilities? Find out with vPenTest, a SaaS platform that makes getting the best network penetration test easy and affordable for internal IT teams.  





Watch this space for exciting webinars and events in 2024 coming soon!




Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!

