Cyber Alert Monday 5-25-2020 – cybercriminal activity

Last week, ransomware disrupts remote work, accidental data sharing compromises customer data, and cybercriminal activity reaches an all-time high.  

cybercriminal activity

United States – Sparboe 

Exploit: Ransomware 
Sparboe: Egg producer  

Risk to Small Business: 2.351 = Severe

Cybercriminals have targeted a vulnerable food supplier with ransomware that encrypted files and exfiltrated data. In addition to product-related information, cybercriminals also obtained personal data on current and former employees. Now, the company faces an arduous recovery process that will involve resuscitating its reputation as it grapples with the high cybersecurity costs associated with ransomware attacks.

Individual Risk: 2.829 = Moderate

Although it’s unclear what data was compromised, current and former employees should assume the worst. Since companies collect and store employees’ most sensitive personal and financial data, all of this information could be available to bad actors. Those impacted should notify their financial institutions while taking care to monitor their accounts and communications for unusual or suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: A cybersecurity incident is a permanent stain on an organization’s reputation that can impact customer loyalty, employee retention, and future capability. Cybersecurity has implications for every facet of a business, as the investment in defensive capabilities will far outweigh the collective costs of a data loss event.

United States – Grubman Shire Meiselas & Sacks

Exploit: Ransomware
Grubman Shire Meiselas & Sacks: Law firm  

Risk to Small Business: 1.409 = Extreme

A ransomware attack has compromised the highly sensitive personal data of dozens of high profile clients including tech giants, A-List celebrities, and sports stars. The law firm lost 756GB of client data in the attack. Cybercriminals are threatening to release the information in nine installments unless the firm pays a ransom, believed to exceed $20 million. This attack reflects a ransomware trend: hackers steal company data and demand payment. Until now, many were content to simply encrypt an organization’s network in hopes of being paid for a decryption key. Unfortunately, this new methodology is much more expensive, which could undermine the organization’s long-term reputation and viability.  

Individual Risk: 1.560 = Extreme

Cybercriminals obtained extremely detailed private information about high-profile clients including names, contract details, phone numbers, email addresses, personal correspondence, legal filings, and non-disclosure agreements. This information is often used to perpetuate blackmail, spear phishing attacks, identity theft, and other crimes. Those impacted by the breach should enroll in credit and identity monitoring services. In addition, Dark Web monitoring offers insights into the spread of personal information, bolstering their ability to respond to misuse.   

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks are increasingly becoming data loss events, as cybercriminals steal data before encrypting critical IT. This compounds the cost and consequences of an attack, and it should encourage every organization to assess its defensive posture in relation to this threat.

Canada – Orchard Villa

Exploit: Unauthorized data release
Orchard Villa: Retirement community

Risk to Small Business: 1.975 = Severe

Orchard Villa, a retirement community that’s been ravished by COVID-19, endured a data breach after employees inadvertently released residents’ personal details and protected health information. The breach has brought continued blowback from residents and families already frustrated by a lack of transparency and communication. Now, the facility is enduring harsh media scrutiny and a data privacy investigation from Ontario’s privacy commission, both of which could have costly repercussions for the care facility.

Individual Risk: 2.177 = Severe

Although Orchard Villa didn’t provide a comprehensive disclosure of compromised data, the facility indicated that personal data and protected healthcare information was shared. Those impacted by the breach should carefully monitor their accounts and communications, as this information could be used to facilitate spear phishing campaigns or other forms of fraud. 

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: As we explained in last week’s newsletter, customers are more ready than ever to walk away from companies that can’t protect their personal data. In 2020 and beyond, it’s clear that every organization’s competitive advantage is predicated on its ability to protect customer data. When they fail, customers are more than happy to find an alternative platform for their business.

Canada – Workers’ Compensation Board of Nova Scotia

Exploit: Accidental data exposure 
Workers’ Compensation Board of Nova Scotia: Province-level workplace safety organization

Risk to Small Business: 2.027 = Severe

An employee inadvertently posted unredacted claims online, exposing personal information from several compensation claims made to the board. The organization was notified of the privacy breach by the media and removed the documents from the internet. However, the information was readily available online, making it unclear who could have accessed this information and what they will do with the data. This isn’t the organization’s first data privacy breach, making its inability to guard against a data breach especially problematic.

Individual Risk: 2.201 = Severe

The breach exposed the names, personal information, and case details for an unknown number of claimants. Since these filings often include information that could be embarrassing or problematic if exposed to the public, and the information could be used in future fraud attempts. Those affected should carefully monitor their accounts for unusual or suspicious communications.   

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Insider threats frequently pose a risk to data security. Both accidental and malicious data misuse can have steep consequences for companies and consumers, making internal data management standards an essential component of your cybersecurity strategy. The Workers’ Compensation Board has promised to update their practices to eliminate this threat in the future, and organizations should learn from their mistakes by guarding against insider threats before an incident occurs

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:    

2/3 of Consumers Reuse Their Passwords on Multiple Platforms     

Despite years of advocacy for strong, unique passwords for each digital service, most people continue to reuse their credentials across various online platforms, a risk that is warned against in our password security information package

It looks to be more attributable to a desire for convenience than ignorance – a recent consumer survey found that 91% of consumers recognize the risk of reusing their passwords across multiple platforms, but 66% continue to use the same passwords anyway.

People are still making weak and easily guessed passwords in popular categories too. At the same time, 53% have not changed their passwords in the past year, leaving multiple platforms vulnerable to the treasure trove of login credentials available on the Dark Web.

Users who reuse passwords are primarily concerned with the hassle of a reset – 60% are worried about forgetting their login credentials, and 52% want more control over their passwords. Today’s businesses need to understand that this trend impacts their employees and their customers, putting their critical IT at risk along the way. 

Using tools and services that support good password hygiene, offering things like single sign-on, two-factor authentication, and other password-oriented enhancements, and enforcing stricter password reuse and sharing policies can help mitigate the risk of password compromise through password reuse and weakness.

https://securityboulevard.com/2020/05/66-percent-of-consumers-recycle-their-account-passwords-do-you/    

 


A Note From Kobargo

COVID-19 Leads to Record-Breaking Cybercriminal Activity    

As the world grapples with the far-reaching implications of the COVID-19 pandemic, cybercriminals are capitalizing on the chaos to unleash an unprecedented number of attacks against businesses and individuals. Bad actors have unleashed an onslaught of phishing scams, 30% of which are directly related to COVID-19.  

These malicious messages are joined by 854,411 phishing or counterfeit websites, four million suspicious websites, and an unprecedented surge in corporate cyberespionage, especially in healthcare. In addition, cybercriminals are hawking unproven cures, fraudulent charities, and other troubling trends. For instance, researchers found 1,092 websites pushing hydroxychloroquine as a cure for COVID-19.   

Experts note that cybercriminals are relying on peoples’ desire for insight in an unstable information landscape, concerns about economic instability, and generalized anxiety as prominent factors that make these scams so effective. In response, every organization needs to prepare its employees for this new reality, making employee awareness training an essential defensive strategy in today’s rapidly changing digital ecosystem.    

https://www.yahoo.com/gma/pandemic-spawned-record-breaking-cybercriminal-activity-report-110201402–abc-news-topstories.html?&web_view=true


Contact Kobargo Technology Partners to schedule a free consultation today!

Comments are closed.

Sign up for our Newsletter


By submitting this form, you are consenting to receive marketing emails from: Kobargo Technology Partners, 12425 W. Bell Road, Surprise, AZ, 85378, http://www.kobargo.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact