Threat Alerts - Kobargo

Data Breach, Cyber Alert Monday 07-22-2019

Data Breach, Cyber Alert Monday: Last week, ransomware stops the music at a local radio station, employees fall for phishing scams, and U.S. mayors promise not to pay any more ransom demands..

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Los Angeles County Department of Health: Government agency responsible for overseeing health initiatives in Los Angeles County

Exploit: Ransomware

Risk to Small Business: 2.285= Severe: On March 28th, an employee at a third-party contractor opened a phishing email that gave hackers access to the company’s data, which included personally identifiable information from the Los Angeles Department of Health. Although the data was encrypted, the email account also contained the encryption keys, which functionally nullified this security feature. As the second-largest health system in the United States, the agency oversees many clinics and hospitals that could be impacted by this attack. Now, the Los Angeles County Department of Health is tasked with reinforcing its cybersecurity standards while they support their constituents who were harmed in the attack.

Individual Risk: 2.285= Severe: The data breach exposed sensitive patient information, including names, addresses, dates of birth, medical record numbers, and Medi-Cal identification numbers. In addition, two patients had their Social Security numbers compromised. Although patients were not the target of the attack and authorities haven’t found evidence that their information is being misused, personally identifiable information can quickly make its way to the Dark Web where it can be used to perpetrate financial and identity crimes. Therefore, those impacted by the breach should enroll in the provided credit and identity monitoring services to ensure their data’s continued integrity.

Customers Impacted: Unknown

How it Could Affect Your Business: Phishing attacks are an easy way for hackers to circumvent security standards by relying on employee ignorance and indifference to gain access to sensitive computer networks. Every organization can defend against these attacks by conducting awareness training with their employees. By equipping employees to identify and report phishing emails, organizations can effectively render these attacks ineffective.

La Porte County Government : Local government serving La Porte, Indiana

Exploit: Phishing attack

Risk to Small Business: 2.111 = Severe: A malware attack on the government’s IT infrastructure rendered more than half of their servers unusable. The attack, which delivered a ransomware virus, cut off access to the county’s website, email accounts, and other services. The remaining servers were taken offline to prevent malware from spreading further. The county purchased ransomware insurance last year, which will help offset the repair costs, but officials expect in order to fully recovery it will come at a significant expense.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks on government agencies and institutions are on the rise, making a response plan a must-have element of any cybersecurity initiative. La Porte officials demonstrated many benefits of these plans, including rapid response capabilities, clear communication channels, and proper insurance to reduce the expense of an attack. Of course, surveying your organization’s IT infrastructure should be a top priority as well, since it can prevent an attack before it occurs.

Essentia Health: Integrated healthcare system offering services in Minnesota, Wisconsin, North Dakota, and Idaho

Exploit: Phishing attack

Risk to Small Business: 2= Severe: A vendor providing billing services for the healthcare provider was the victim of a phishing scam that consequently compromised patient data at Essentia Health. The healthcare provider is investigating the incident and the integrity of other third-party vendor systems. In today’s digital landscape, verifiable data security standards are a must have for any partnership that involves personally identifiable information.

Individual Risk: 2.428= Severe: Essentia notified those impacted by the breach, but they have not identified any attempted misuse of patient data. Even so, once sensitive personal information is accessed, it can quickly become accessible on the Dark Web, so those affected will need ongoing credit and identity monitoring services to ensure their data’s integrity.

Customers Impacted: 1,000

How it Could Affect Your Business: Data breaches that expose people’s personal information can have devastating consequences for both the company and the victims. The most advantageous road to recovery starts with ensuring that victims have the support necessary to adequately recover from the incident. This includes identifying the cause and scope of a breach as well as providing the credit and identity monitoring services that offer rapid detection of data misuse.

Monroe College: Private for-profit college and graduate school based in New York City

Exploit: Ransomware

Risk to Small Business: 1.888 = Severe: The college endured a ransomware attack that disabled network services at its three campuses. The perpetrators issued a demand for $2 million in Bitcoin to release the encrypted files that likely include most of their critical data for executing business and educational activities. While classes remain in session, all of the school’s email and website-based activities are inaccessible. Monroe College outsources its payroll, which preserved those services during the attack. Unfortunately, the school now has to decide between paying the exorbitant ransom and incurring the considerable cost of recovering network systems. Either way, it will be an expensive recovery process for Monroe College.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Monroe College is just the latest in a series of academic institutions impacted by a ransomware attack. These attacks significantly curtail their operations while costing precious funds that are earmarked for academics. Therefore, it’s imperative to understand potential vulnerabilities before such an attack occurs. Given the high expense of recovery, the slew of negative press, and the opportunity cost associated with a ransomware attack, the relatively affordable cost of examining network vulnerabilities and compromised credentials is a bargain.

Richmond Heights City Hall : Local government offices for Richmond Heights, Ohio

Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: When an employee opened a phishing email, it unleashed ransomware that disrupted City Hall’s IT infrastructure. The malware encrypted the employee’s files and displayed a ransom note on the screen that demanded payment in Bitcoin to restore services. While the ransomware disabled the city’s computers and servers, their email and internet services were not impacted in the attack. Fortunately, the city-maintained backups that allowed them to restore their files without paying the ransom.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware can have catastrophic consequences for any organization, but this incident is a reminder that they are often initiated by subtle mistakes. In this case, a single phishing email could have compromised the IT infrastructure for an entire city government. Maintaining adequate backup services and other restorative processes are critical to recovering from a ransomware attack but protecting against the methods that are frequently used to deploy these attacks is equally important.

KHSU Radio Station: Radio station owned by Humboldt State University

Exploit: Ransomware

Risk to Small Business: 2.333 = Severe: Hackers exploited a network vulnerability to deliver ransomware to KHSU’s programming systems and storage servers. Fortunately, the affected servers did not contain any sensitive data, but the attack disrupted the station’s programming, which went offline on July 1st. The hackers are demanding a ransomware to restore the systems, but an actual amount hasn’t been specified. Until services are restored, the station’s listeners will continue to be without programming.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: The opportunity cost associated with a ransomware attack can be just as damaging as the immediate recovery cost. In this case, listeners are without the station’s regular programming, which will drive them to other stations. To make matters worse, the attack was issued using an avoidable network vulnerability. When it comes to avoiding a ransomware attack, the best offense is a strong defense. Prioritize a thorough review of your network infrastructure and repair any vulnerabilities before hackers exploit them for their own gain.

In Other News:

U.S. Mayors Unite Against Ransomware Payments..

2019 has seen a significant uptick in the number of ransomware attacks on local governments. High profile attacks on cities in Florida and Maryland attracted most of the mainstream media attention, but, to date, 22 municipalities were the victim of a ransomware attack in the first half of the year.

Local mayors are tired of paying the price for these attacks, and they codified this sentiment in a nonbinding, unanimous resolution at this year’s meeting of the U.S. Conference of Mayors where they vowed not to pay any more ransom demands.

Noting that ransom payments provide a financial incentive for additional perpetrators to proliferate these attacks, conference members are committed to disincentivizing this behavior in an attempt to abate this troubling trend.

The conference is comprised of 1,400 mayors from various U.S. cities with populations of over 30,000, and, while there is no mandate that members must follow this resolution, it provides political and legal cover for mayors to refuse ransom payments.

In some cases, not paying a ransom can be considerably more expensive, and it can take longer to recover affected systems.

It also raises the stakes in the fight against ransomware, and local municipalities will need to do everything they can to fortify their IT infrastructure against the many access points for ransomware. Partnering with us can help your organization identify its most prescient vulnerabilities to ensure that they can avoid the decision to pay a ransom altogether.

A Note From Kobargo..

Ransomware Attacks Target Network Attached Storage Devices.. According to recent findings by cybersecurity researchers, a new form of ransomware dubbed eChoraix, is being used to attack network attached storage (NAS) devices.

The malware specifically targets QNAP NAS devices, which are used around the world. These devices are already connected to the internet, and hackers use brute-force attacks to expose weak login credentials to gain access to the device.

These devices frequently store critical system backups and other sensitive information, but they often don’t come with the sophisticated security features that accompany built-in computer storage.

Much like the delivery method, the malware’s source code is simple, consisting of less than 400 lines. Unfortunately, this simplistic attack can still cause serious damage to users’ data, as they will be forced to either pay a ransom to recover the backups or to rely on other storage units to provide these services.

QNAP has issued a patch for these vulnerabilities, but, more broadly, every organization needs to be aware of the rapidly shifting landscape for today’s ransomware attacks that are becoming stealthier and more damaging. Cybersecurity services can help you navigate this landscape by transforming your vulnerabilities into your greatest asset in a robust cyber defense.

For More Info On “Password Protection” Stay Tuned For Our Latest Video. Coming Soon!

Contact Kobargo Technology Partners to schedule a free consultation today !

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Data Breach, Cyber Alert Monday: Last week, ransomware affects organizations of all shapes and sizes, US Virgin Islands Police Department attacked..

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Georgia’s Administrative Office of the Courts and Judicial Council of Georgia: Digital information arm for the Georgia state court system

Exploit: Ransomware

Risk to Small Business: 2.333= Severe: A malware attack infected the agency’s computer network with ransomware, encrypting their files and disrupting many of their services. Officials have yet to reveal the ransom amount, but it marks the second significant ransomware attack for a Georgian government agency in 15 months. Fortunately, the agency does not store personal information on the affected network, and servers were brought offline to prevent malware from spreading. The previous attack in 2018 cost $7.2 million, foreshadowing another expensive blow that can be measured in time and money.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks wreak havoc on an organization’s operational and financial integrity. To make matters worse, they are increasingly becoming more common and costly. Nevertheless, many ransomware attacks are delivered through phishing emails, which can be thwarted through organizational cyber-security training for employees. Given the exceedingly high recovery expense and cascading damages caused by a ransomware attack, such training is the most cost-effective way of protecting

Alive Hospice: Healthcare provider offering hospice and family support services

Exploit: Unauthorized network access attack

Risk to Small Business: 2 = Severe: On May 6th, hackers gained access to an employee’s email account containing personally identifiable information for patients at Alive Hospice. Although the company quickly reset the account password, the intruder was able to view significant amounts of sensitive data. In this case, a single email account was able to compromise newsworthy amounts of patient data, while also interrupting business processes. Alive Hospice will incur the expense of credit and identity monitoring services, along with the less quantifiable reputational cost that accompanies a data breach.

Individual Risk: 2 = Severe: Although there is no indication that hackers have misused any company data, they did have access to patients’ names, contact information, dates of birth, social security numbers, driver’s license numbers, credit/debit card numbers, medical history information, treatment and prescription information, physician information, medical record number, Medicaid/Medicare numbers, health insurance information, and other in-house account details. Therefore, those impacted by the breach should enroll in the free credit and identity monitoring services being offered by Alive Hospice while remaining vigilant about monitoring their accounts for suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: Personally identifiable information (PII) can quickly make its way to the Dark Web, where it can do considerable damage to those affected by a breach. Therefore, understanding what happens to compromised patient data is a significant part of any data breach recovery effort.

US Virgin Islands Police Department: Law enforcement agency serving the United States Virgin Islands

Exploit: Ransomware

Risk to Small Business: 1.666- Severe: An April ransomware attack on the island’s police computer network encrypted all files stored on the department’s servers. The impacted data included information related to internal affairs and citizen complaints, and the “Blue Team” and “IAPRO” programs were unavailable for several weeks. In addition, backups for some systems were also corrupted, requiring the department to install new versions of the affected software. Not only is the department struggling to provide services to its constituents, but it will also face a significant repair cost that is growing by the day. .

Individual Risk: 2.571= Severe: Hackers did encrypt information related to citizen complaints, which could include sensitive personal information. However, there is no indication that this information was viewed or stolen during the ransomware attack.

Customers Impacted: Unknown

How it Could Affect Your Business: The true price tag on a data breach can be deceptive, as recovery costs must be added to the opportunity cost of interrupted business processes and reputational damages. Organizations must be capable of knowing if personal information is accessed in an attack and need internal protocols to protect infrastructure and mitigate damage as much as possible.

Maryland Department of Labor: Local government agency serving the state of Maryland

Exploit: Unauthorized database access

Risk to Small Business: 2.222 = Severe: Hackers gained access to two agency databases that contained personally identifiable information. The breach, which occurred in April, involved data from those who received unemployment benefits in 2012 or pursued a general equivalency diploma in 2009, 2010, or 2014. It’s unclear why the agency waited several months to notify those impacted by the breach, but this cybersecurity incident underscores a troubling trend in government agencies in general and Maryland in particular. The agency will now be responsible for paying victims for two years of credit monitoring services, while also spending precious funds on recovery efforts.

Individual Risk: A damage assessment conducted by a third-party forensics team concluded that no personal information was downloaded in the attack. However, hackers did have access to a deluge of personal data, including names, social security numbers, birth dates, city or county of residence, graduation dates, and record numbers. Those impacted by the breach are encouraged to closely monitor their credentials and to enroll in the credit monitoring services being offered by the agency.

Customers Impacted: 78,000

How it Could Affect Your Business: It’s no secret that data breaches, especially those that compromise sensitive personal information, are always harmful. However, organizations can work to repair the damage by supporting those impacted with protection. By continuously monitoring the Dark Web, where stolen credentials are quickly bought and sold, businesses can grow and retain their customer base while generating loyalty.

Mercy Health: Catholic healthcare ministry serving Ohio and Kentucky

Exploit: Email security breach

Risk to Small Business: 2 = Severe: A compromised email account at a third-party vendor in 2018 ultimately resulted in compromised personal information for Mercy Health patients. The third-party vendor, OS Inc., was involved in a similar data breach last year and was responsible for updating information for Medicare beneficiaries and billing for certain services. The incident reflects the complicated cyber-security threats facing institutions working with third parties, specifically as it relates to managing personally identifiable information.

Individual Risk: 2.285 = Severe: Hackers did not gain access to financial or medical information, but they were able to view significant amounts of personally identifiable information, including names, dates of birth, dates of service, patient identification numbers, Social Security numbers, and medical record numbers.

Customers Impacted: Unknown

How it Could Affect Your Business: Working with contractors and third parties is often a requirement in today’s digital ecosystem. However, those partnerships can create vulnerabilities that organizations need to address before allowing third parties to access their data. Therefore, robust cybersecurity protocols should be a prerequisite for any business relationship that includes that exchange of sensitive personal information.

American Land Title Company (ALTA): National trade association representing various real estate entities

Exploit: Phishing scam

Risk to Small Business: 1.888 = Severe: A so-called ethical hacker contacted ALTA regarding 600 data entries accessed by its members using a phishing campaign. The compromised data may have included highly sensitive company data from ALTA organizations. This is the second phishing scam targeting ALTA members this year when a similar scam that originated within the organization was sent to member companies.

Individual Risk: 2.285 = Severe: While the data accessed pertains to the companies involved, it could also include personal information, including domain identification, IP addresses, usernames, and passwords. ALTA organizations should encourage employees to monitor their accounts for suspicious activity and to ensure that they use unique, strong passwords for all accounts, especially those containing personally identifiable information.

Customers Impacted: Unknown

How it Could Affect Your Business: Phishing scams are unleashed with speed and precision, and they can quickly compromise your organization’s data. Fortunately, they are also entirely defensible with comprehensive awareness training. Knowing if your organization’s credentials are compromised before a data breach occurs can prevent a security incident before it harms your company and your customers.

In Other News:

Company Cut Off from Government Contracts After Data Breach

Last month, Perceptics, a maker of license plate readers used by the U.S. Customs and Border Patrol (CPB), endured a significant data breach that resulted in 65,000 files published to the Dark Web.

As a result, the company has been placed on a veritable government black-list, suspending Perceptics from procuring government contracts. Although the suspension is technically limited to the CPB, the notice, which cites “evidence of conduct indicating a lack of business honesty or integrity,” could shun the company from doing business with other government agencies.

Before the suspension, Perceptics had a 30-year working relationship with CPB, and their dissolution indicates the weight of unimpeachable cybersecurity standards for companies handling sensitive personal information on behalf of the government.

What’s more, Perceptics will still face administrative proceedings that will determine the company’s fate as it pertains to future work with the U.S. Government.

The incident is a warning to all companies: cyber-security is an obligation, not just a suggestion. Data breaches place people’s data at risk but are increasingly becoming capable of compromising an organization’s financial stability. Rather than leaving it up to chance, coordinate with Kobargo to ensure that your cyber-security posture is ready to meet the moment.

A Note From Kobargo..

A Divide in Ransomware Response Ethics Local governments and municipalities are frequently targeted with ransomware attacks by cyber criminals who view government agencies as soft targets with potentially significant rewards. While leaders are unified in their abhorrence of this behavior, disparities exist when aligning on response plans.
Some governments choose to pay the ransom, seeing it as the least expensive option available. Of course, this behavior makes other governments more vulnerable to a similar attack because it indicates that authorities are willing to pay criminals to restore access to their systems. In contrast, some local governments refuse to pay, a principled stance that can be more expensive in the long run. For instance, Baltimore authorities refused to pay a $75,000 ransom to regain access to its network, but full system restoration is estimated to cost $10 million, and other ancillary disruptions may cost $8 million more. The message is clear and simple: all organizations need to do everything they can to prevent a ransomware attack in the first place. Contingency plans like backups and cyber insurance are critical for responding to an attack, but employee awareness training and threat analysis services offered by cyber-security experts can prevent ransomware attacks before placing your company in the precarious position of deciding on ransom payments.

For More Info On “Password Protection” Stay Tuned For Our Latest Video. Coming Soon!

Contact Kobargo Technology Partners to schedule a free consultation today !

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Data Breach, Cyber Alert Monday: Last week, a U.S healthcare insurer discovers data breach after almost a decade..

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Borough of Westwood: Local government organization serving Bergen County, New Jersey

Exploit: Malware attack

Risk to Small Business: 2.222= Severe: Unusual network activity in December 2018 alerted county officials that hackers gained access to the county’s network. These bad actors introduced malware into their system, which placed the personal data of residents at risk. Although the county is confident that information on the network hasn’t been viewed, accessed, or downloaded by hackers, they obtained third-party cyber-security services to assess the damage and remove the malware from their system. However, it’s unclear why county officials waited six months to notify the public of the incident.

Individual Risk: 2.222= Severe: Authorities are confident that personal information has not been viewed in this attack. However, the network did store personally identifiable information, including names, social security numbers, driver’s license numbers, and bank account details. The county is in the process of notifying people who could be impacted by the breach, but anyone who provided data to the county’s website should be vigilant about monitoring and reviewing their account statements for suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: As news headlines continually demonstrate, local governments are becoming a top target for hackers and cybercriminals. Therefore, it’s critical that these institutions make every effort to secure their IT infrastructure before a cybersecurity incident occurs. In this case, a six-month delay in reporting the data breach would make it difficult for victims to identify data misuse, meaning that the lack of damages resembles more of a stroke of luck than an intentional strategy. Instead of relying on good will, organizations must establish a strong defensive posture that prevents a data breach from occurring in the first place.

Franciscan Health: Healthcare system offering services in Indiana and Illinois

Exploit: Unauthorized network access attack

Risk to Small Business: 1.777 = Severe:A rogue employee accessed extensive medical records pertaining to physicians, diagnosis, lab results, medications, and other treatment-related information. Although the employee worked in the company’s quality research department, he had no business-related reason for accessing this private health data. Fortunately, the company quickly identified the privacy breach and took action against the employee. However, they will now have to contend with the cost of providing identity theft protection services to those impacted by the breach, along with the less quantifiable reputational losses that accompany a data breach.

Individual Risk: 1.8571 = Severe: Currently, there is no indication that the rogue employee downloaded or shared any personally identifiable information. However, the employee did have access to sensitive data, including patients’ names, email addresses, dates of birth, phone numbers, gender, race, partial social security numbers, and medical record numbers. Those impacted by the breach should review and monitor their financial accounts and their benefits statements for suspicious activity.

Customers Impacted: 2,200

How it Could Affect Your Business: A company’s workforce can be one of the most significant sources of cyber-security risk, but any organization has the ability to transform their staff into the strong defense against a data breach. With the right awareness training, employees can learn to spot cyber-security threats proactively by learning industry-wide best practices. As the costs associated with data breaches continue to grow incredibly steep, such training is becoming a relative bargain.

City Of Sun Prairie: Local government municipality serving Sun Prairie, Wisconsin

Exploit: Employee email account breach

Risk to Small Business: 2 = Severe: When hackers gained access to employee accounts for nearly three months, they were able to view personal information about the city’s residents. Even though the city hired a third-party forensics firm to investigate the matter, they were unable to determine what information was captured in the breach. The lengthy communications delay and uncertainty surrounding the data accessed reveals that the government agency was fundamentally unprepared for a cyber attack. Although the city is now taking steps to update their cybersecurity protocols in the wake of this data breach, a clear opportunity was missed to secure their network before it was infiltrated by bad actors.

Individual Risk: 1.857 = Severe: Since The compromised email accounts contained personally identifiable information for residents of Sun Prairie, including social security numbers, account login ID and passwords, driver’s license and state identification numbers, bank account numbers, medical information, and payment card information. City officials are unable to identify specific accounts that were accessed, which means that anyone doing business with Sun Prairie should obtain credit and identity monitoring services to ensure that their personal information is safe.

Customers Impacted: Unknown

How it Could Affect Your Business: Hackers have many ways to access employee email accounts, but organizations can take steps to prevent some of these methods from being successful. For instance, proper training about phishing attacks can stop many bad actors in their tracks. At the same time, knowing if your employees’ email accounts are compromised can help sidestep breaches from happening in the first place.

Marin Community Clinics: Multi-clinic network providing primary and specialty care services

Exploit: Ransomware

Risk to Small Business: 1.777 = Severe: A ransomware virus encrypted the healthcare provider’s computer systems, significantly curtailing their operations. Based on the advice of their software provider, the company paid the ransom to recover their files. The organization is continuing to restore files from backups, and they expect to lose some patient data in the process. In the meantime, Marin Community Clinics are using paper records to continue providing care until the network can be restored.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: In today’s digital environment, every organization must have a ransomware preparedness plan that considers the current and future state of the company’s IT infrastructure. In the case of Marin County Clinics, an associated healthcare provider was also victimized by ransomware, and they also paid to recover their files. Considering the ongoing debate among cyber-security experts about the efficacy of paying a ransomware, it could make the company more vulnerable to additional attacks. Of course, the first step to any ransomware preparedness plan is a strong defensive position. Since malware is often delivered through phishing emails, robust employee training can position any organization or agency to repel at attack.

PCM: Direct marketing company offering technology products and services

Exploit: Unauthorized email and network access

Risk to Small Business: 1.888 = Severe: Using stolen administrative credentials for PCM’s Office 365 client accounts, hackers gained access to client data. It’s speculated that hackers intended to use this information to conduct gift card fraud. Upon discovering the breach, PCM closed off access to these accounts, limiting the reach of the intrusion. Despite the relatively minor scope of the data breach, recovering from a cyber-security incident is no small matter. The company will now need to bear the cost of auditing their IT infrastructure as they work to repair the reputational damage that accompanies such an event.

Individual Risk: 2 = Severe: It’s believed that hackers were pursuing information usable to perpetrate gift card scams, which could include stealing personal information. The company has notified those impacted by the breach, and these individuals should be especially vigilant about monitoring their accounts for unusual activity.

Customers Impacted: Unknown

How it Could Affect Your Business: In many ways, PCM got lucky. Although hackers were mostly unsuccessful at obtaining client data, they were able to access systems with a trove of valuable information. Additionally, they were able to accomplish this by simply obtaining administrator credentials, which can be widely available on the Dark Web or through phishing scams. Knowing if this information is available is a critical and often overlooked component of any company’s security posture.

Summa Health: Non-profit healthcare system serving Northeast Ohio

Exploit: Phishing scam

Risk to Small Business: 1.667 = Severe: When employees opened a phishing email and entered credentials into a false form, hackers gained access to protected health information. The healthcare provider disclosed two breaches, one occurring in August 2018 and another in March 2019. It’s unclear why the company didn’t become aware of the breach until May 1st, or why it took almost a month to notify victims of the breach. Their slow response could make it more difficult for victims to identify instances of identity or financial fraud, and also shines a spotlight on the healthcare provider’s data security standards.

Individual Risk: 1.857 = Severe: Hackers accessed significant amounts of personally identifiable information in the breach, including names, dates of birth, medical records, patient account numbers, treatment information, health insurance information, social security numbers, and driver’s license numbers. Those impacted by the breach are encouraged to enroll in credit and identity monitoring services. In addition, they should carefully and continually review their account information, reporting any unusual activity and unauthorized changes as soon as possible.

Customers Impacted: 500

How it Could Affect Your Business: Phishing scams are entirely preventable, and any organization handling personally identifiable information needs to ensure that their employees are equipped to identify and report these increasingly prevalent threats. Exposed personal details usually find their way to the Dark Web, where bad actors can leverage them for a variety of nefarious purposes. It’s critical that companies are prepared with cyber-security awareness and identity protection.

Dominion National: Health insurer providing dental and vision benefits

Exploit: Unauthorized network access

Risk to Small Business: 1.333 = Extreme: An internal notification alerted company officials of a data breach that occurred in 2010. When hackers breached the insurance provider’s network, they gained access to the sensitive information of beneficiaries. In response, the company cleaned its servers to eradicate any unauthorized users from the platform. While it’s common for data breaches to go undetected, ten years is certainly a long time to recognize a vulnerability. As a result, Dominion National will face increased media scrutiny over its cybersecurity capabilities, along with the high cost of updating their security standards and helping their customers recover from the incident.

Individual Risk: 1.857 = Severe: Although the company hasn’t released specifics on the scope of the incident, the unusual exposure length makes it possible for the damage to be extensive. Those impacted may have had their names, addresses, dates of birth, email addresses, social security numbers, taxpayer IDs, bank details, and other insurance-related details compromised. Dominion National has offered identity monitoring and recovery services to those impacted by the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: A data breach is an embarrassing and costly episode for any company, especially when it takes nearly a decade to discover the incident. The first step to recovery is supporting those impacted by the breach, which certainly includes helping them verify the integrity of their information. By addressing their customers first, organizations begin rebuilding their tarnished reputation at a time when they will already incur ancillary expenses that stem from a cyber-security incident.

In Other News:

Internet Scams Have Cost Australians Millions..

Just halfway through 2019, Australians have already lost more than $6 million to internet scams, marking a 33% year-over-year increase.

The report by Scamwatch, an agency run by the Australian Competition and Consumer Commission, reveals that scams intending to attain people’s personal information are becoming more effective and more lucrative.

Australians have lost $2.3 million more in 2019 compared to last year, and the number of reported scams remained relatively steady. What’s more, 4.1% of reported scams resulted in financial loss.

Although phishing scams received the most complaints – nearly 10,000 – they resulted in the lowest amount of loss among the various scam iterations, which reflects both the rapid rate of phishing scams and peoples’ ability to defend themselves against these attacks.

At the same time, it’s evident that more training is required in order to effectively ward off these adaptive and continual threats.

A Note From Kobargo..

Awareness Tops Readiness in UK Cyber-security Preparedness..

UK organizations are well-aware of their cyber-security threat landscape. Unfortunately, that has not enhanced their ability to improve their defensive posture. According to a recent survey, only 42% of organizations are confident in their data security, 10% fewer than companies in other countries.

While 90% of survey respondents indicated that adopting cyber-security best practices is more important than increasing profits, less than 60% of these companies have a formal security policy, a number that has not changed since last year.

Indifference may not be the only factor in their lack of preparation. Many companies cite budgetary and personnel constraints as a significant barrier to improving cyber-security posture.

Even so, the cost of a data breach is more expensive than ever before. The survey found that organizations will dedicate 12% of their revenue to recovering from a data breach, an all-time high. With companies like ours equipped to fortify your cyber-security defenses, now is the perfect time to prepare your company for today’s evolving threat landscape.

For More Info, Check Out Our Latest Video On Security Awareness Training, Available Today!

Contact Kobargo Technology Partners to schedule a free consultation today !

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Data Breach, Cyber Alert Monday: Last week, ransomware shuts down multiple U.S Healthcare Providers disrupting many services across the country..

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

NEO Urology: Healthcare provider for urology care services

Exploit: Ransomware

Risk to Small Business: 1.666= Severe: Hackers gained access to NEO Urology’s network, encrypting the company’s files and disrupting many of their services. Employees were notified of the ransomware by a fax listing “Pay4Day.io” as a contact address for additional information. While their network was inaccessible, the practice reported operational losses of $30,000 – $50,000 per day, a significant sum that ultimately led them to pay the $75,000 ransom using Bitcoin. In this case, it was more affordable to pay the ransom than to experience the revenue losses that accompany an inaccessible network. Unfortunately, their willingness to pay could make them a target for additional attacks.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Every company needs a ransomware response plan that is both technological and philosophical. Many ransomware attacks originate through phishing scams or other malware, a maxim that underscores the importance of robust cyber-security initiatives. At the same time, developing adequate backup protocols can help companies avoid paying ransoms that neither guarantee a solution nor curtail bad actors from returning in the future.

Oregon Department of Human Service: State government agency supporting safety and health initiatives

Exploit: Phishing attack

Risk to Small Business: 1.444 = Extreme: When nine employees clicked on a phishing email, hackers gained access to their accounts, which collectively included more than two million emails containing personal information. The data breach occurred in January 2019, and it was first reported in March. However, the agency’s forensics investigation identified nearly twice as many impacted accounts as initially disclosed. Although phishing scams are entirely defensible, relying primarily on apathy and ignorance to trick unsuspecting recipients, the Oregon Department of Human Services is now responsible for providing 12 months of identity monitoring and recovery services as well as a $1 million insurance reimbursement policy to those who were impacted by the breach.

Individual Risk: 2 = Severe Risk: When hackers gained access to the employees’ email accounts, they received an incredible amount of personal information. This data could include names, addresses, birth dates, social security numbers, case numbers, personal health information, and other sensitive information. Oregon DHS is offering identity monitoring and recovery services to those impacted by the breach.

Customers Impacted: 645,000

How it Could Affect Your Business: Phishing attacks are on the rise, delivering malware that can cripple a company’s reputation and financial standing. Fortunately, they are also entirely defensible. With proper training, employees can be transformed into the strongest line of cyber-security defense, rather than an imminent liability. Given the high cost of a data breach, the relatively minor expense of a training program is an obvious solution for any organization.

ResiDex Software: Software provider for assisted-living, group facilities, and care-giving organizations

Exploit: Unauthorized network access

Risk to Small Business: 2.333 = Severe: When the software company was the victim of a ransomware attack on April 9th, it discovered unauthorized network access starting on April 2nd. ResiDex launched an IT forensics investigation, which determined that no company information was accessed in the attack. However, hackers could have gained access to the personal information of its clients. Not only will ResiDex have to bear the cost of updating its cyber-security standards, but the unquantifiable reputational damage will have continuing consequences as the company tries to attain new clients or maintain relationships with existing customers.

Individual Risk: 2 = Severe: Since ResiDex serves assisted-living, group facilities, and care-giving organizations, patients at these locations could have their information compromised in the breach. This could include names, social security numbers, and protected health information that was stored with the provider. The software company notified all impacted individuals, but this information can quickly spread on the Dark Web, and those impacted should attain proper identify and financial monitoring services to ensure that their information remains secure.

Customers Impacted: Unknown

How it Could Affect Your Business: When sensitive personal information is compromised in a data breach, companies have a responsibility to help their customers regain confidence in their data’s integrity. In addition to providing identity and financial monitoring services to those impacted, understanding if the exposed information is accessible on the Dark Web by hackers is a critical component of a strong breach response.

City of Riviera Beach: Ransomware

Exploit: Local government organization serving Riviera Beach, Florida

Risk to Small Business: 1.555 = Severe: When a single employee clicked on a malicious email link containing ransomware, the city’s entire computer network was encrypted by ransomware. The encryption prevented the city from using email, logging 911 calls, or even controlling their water utilities. After spending nearly $1 million on new IT infrastructure, the city ultimately decided to pay the ransom, which cost $600,000 in Bitcoin. The payment, which will come from the city’s insurance provider, became necessary when the city discovered that it didn’t have adequate backups to restore vital information to this equipment.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: No personal information was compromised in the breach.

In Other News:

Canadian Companies Unprepared for Cost and Consequences of a Data Breach

Shred-it’s annual Data Protection Report, which evaluates the most prescient threats to data security, took aim at Canadian businesses and concluded that they have an overly optimistic outlook of today’s cyber-security landscape.

Consequently, many companies are not prepared to defend against a data breach, which could negatively impact revenue, employee, and customer retention.

The survey identified shifting consumer sentiments about data privacy and encouraged Canadian businesses to cater to the changing market dynamics by considering the reputational damage that accompanies a data breach along with other serious consequences.

Today, the stakes couldn’t be higher.

A single data breach can have devastating outcomes for companies of all sizes, and this year’s survey concluded that too many companies need to prioritize cyber-security as a critical component of overall business success. Partnering with us can patch holes in your cyber-security protocols while bolstering your defenses going forward!

A Note From Kobargo..

Three Billion Phishing Emails are Sent Every Day Phishing attacks are wreaking havoc as they encourage unsuspecting recipients to hand over critical credentials that give hackers access to network infrastructure, personal financial accounts, and other important portals.

This type of cyber-security threat is ultimately the most defensible, since phishing attacks not only need to make it through email filters, but recipients have to directly act upon the message. Yet, they continue to inflict serious damage on small and medium businesses alike, becoming more common and complicated in today’s digital landscape.

According to a recent report, more than 3.4 billion phishing emails are sent each day, making it increasingly probable that an employee will accidentally engage with the message. This underscores the need for awareness and prevention training to disrupt these efforts. Given the high cost of recovering from a phishing attack, acquiring comprehensive training from trusted professionals (like us!) is a cost-effective way to equip your employees to defend against phishing attacks.

For More Info, Check Out Our Latest Video On Security Awareness Training, Available Today!

Contact Kobargo Technology Partners to schedule a free consultation today !

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Data Breach, Cyber Alert Monday: Last week, cyber security breach hits the U.S. Customs and Border Protection Agency…

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Emuparadise: Retro Gaming website

Exploit: Compromised password hashing algorithm.

Risk to Small Business: 1.555 = Severe: An outdated, compromised password hashing algorithm was exploited by hackers, causing user data to be compromised. Although the data breach took place on April 1, 2018, the damage was only recently revealed when accounts were provided to HavelBeenPwned. By failing to update their cybersecurity standards, Emuparadise will now face reputational erosion and incur significant costs associated with interrupted business processes and recovery.

Individual Risk: 2 = Severe: Emuparadise users can search HavelBeenPwned to view the status of their credentials. For those compromised, hackers gained access to email addresses, IP addresses, usernames, and passwords. Impacted individuals should be mindful that their credentials could be compromised, and they should be especially careful about using duplicate passwords on other services.

Customers Impacted: 1,131,229

How it Could Affect Your Business: A data breach predicated on outdated security standards is an unnecessary and self-inflicted wound that is entirely avoidable. Instead, every organization should routinely evaluate their cybersecurity standards, ensuring that they reflect industry standard best practices.

Lake City, FL: Ransomware

Exploit: Local government organization serving Lake City, Florida

Risk to Small Business: 2 = Severe: A malware attack delivered “triple threat” ransomware that targeted the city’s network systems, rendering many city services inaccessible. Although emergency services such as police and fire are operational, city email accounts, land-line phones, and credit card services were disabled. In the meantime, the city has been forced to write bills, receipts, and other services by hand. It’s a reminder that ransomware attacks are uniquely dangerous because they not only cost money to repair, but those impacted run the risk of disrupting business processes or losing valuable data.

Individual Risk: 3 = Moderate Risk: City officials believe that personal data, including online payment information, was not compromised in the breach. However, residents should monitor their accounts for suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: Local governments are a top target for hackers, and ransomware is becoming a commonly deployed method for extorting valuable city resources away from citizens. Therefore, every local government needs a comprehensive ransomware response plan before an incident occurs. Ransomware attacks are often initiated by phishing scams, signaling the importance of cybersecurity awareness and training at the front line.

United States Customs and Border Protection: Law enforcement agency operating under the authority of the Department of Homeland Security.

Exploit: Malicious cyber-attack

Risk to Small Business: 1.777 = Severe: A subcontractor violated the department’s policy and transferred copies of license plate and traveler images to their network where they were stolen in a malicious cyber-attack. In response, the agency is monitoring the Dark Web for evidence of this data, and they are reevaluating their cyber-security and privacy standards. Of course, these initiatives are simpler and more palatable when they are done proactively, rather than after an incident occurs. Consequently, the agency will now have to endure increased governmental oversight and media scrutiny.

Individual Risk: 2.428 = Severe: The stolen data included license plate and travel images from certain lanes at a particular border crossing. The agency isn’t providing any more specific information at this time, noting that it processes more than a million border crossings each day. However, they did indicate that no passport or other travel information was compromised in the breach.

Customers Impacted: 100,000

How it Could Affect Your Business: When sensitive personal information is compromised in a data breach, organizations have a responsibility to help those impacted recover from the incident. These responses vary significantly, but they should foundationally include understanding what happens to personal information after its stolen. Personal data can be quickly bought and sold on the Dark Web, so monitoring this environment is a staple of any comprehensive response that can begin restoring the organization’s reputation and protecting those that are affected.

Auburn Food Bank: Ransomware

Exploit: Charitable organization providing free food to families and individuals

Risk to Small Business: 2.111 = Severe: A ransomware attack struck the non-profit, charitable organization, encrypting all but one of its computers. This particular ransomware, GlobalImposter 2.0, cannot be decrypted, and victims must contact the hackers to negotiate a ransom. However, Auburn Food Bank is refusing to negotiate. Instead, they are seeking donations to replace their technology, which is roughly equal to the ransom demands.

Individual Risk: 3 = Moderate Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks are frequently initiated through phishing emails, but this incident occurred at 2:00 A.M., when no employees were in the office. Keeping in mind that such threats can arrive at any time and any place, organizations must prepare a response plan proactively and continuously evaluate their cybersecurity posture.

Evite: Unauthorized system access

Exploit: Social planning and e-invitation service

Risk to Small Business: 1.888 = Severe Risk: Hackers were able to access Evite’s network, which allowed them to download an inactive data storage file that contained the personal information of millions of their customers. Despite being notified of the breach on April 15th, the company is only now acknowledging the breach. Their slow response time and lax security standards will now require them to incur the fees of third-party cybersecurity analysts as well as cascading reputational costs that are difficult to quantify and even more challenging to repair. In the meantime, the company is encouraging users to reset their passwords, a modest first step for such a traumatic incident.

Individual Risk: 2.428 = Severe Risk: The compromised information could include names, usernames, email addresses, dates of birth, phone numbers, and mailing addresses. Fortunately, social security numbers and financial data were not included as part of the breach. However, since this information was already discovered on the Dark Web, those impacted by the breach should immediately attain credit and identity monitoring services to secure their credentials.

Customers Impacted: 1,000,000

How it Could Affect Your Business: When organizations are compromised in a data breach, their response becomes a critical metric in restoring their users’ trust. In this case, the company was slow to respond to the breach, delaying their messaging by several months. When exposed information makes its way to the Dark Web, timing is of the essence, and understanding what happens to the information accessed in the data breach can provide employees or customers with confidence in the integrity of their personal information or credentials. Partnering with an MSP can provide the insight necessary to achieve this.

In Other News:

Australian Universities at Significant Risk of a Cyber Attack A recent audit of the IT environment for Australia’s universities found repeated failures to address identified weaknesses in their IT systems, making them especially susceptible to cyber attacks. Focused on just 10 universities, the audit identified one university…

A Note From Kobargo..

Cyber Criminals Are Getting More Clever.. Security Awareness Training For Your Employees is Critical… Security-minded internet users often look for certain signs – like the padlock accompany a web address or the “https” designation – to identify websites that are safe and secure. Those hallmarks of internet integrity are not as sure as they once were… Read more

For More Information, Follow Us For A New Video On Security Training Awareness! Coming Soon

Contact Kobargo Technology Partners to schedule a free consultation today !

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Read more