Cyber Alert Monday 6-22-2020 – Ransomware Risk

Last week, ransomware risk shuts down the production of cars and beer, phishing lands a professional haul, the risk of working remote, and your IT security plan!

computer with pirate flag in red and black ransomware risk

United States – ST Engineering 

Exploit: ransomware risk
ST Engineering: aeronautics contractor 

Risk to Small Business: 1.732 = Severe

The San Antonio, Texas branch of defense, aeronautics, and space contracting conglomerate ST Engineering was hit with a MAZE ransomware attack disrupting operations and putting data at risk for a second time. This division of the international flight equipment services giant was also hit with a MAZE ransomware attack in May 2020 to the same effect. In an industry that expects top-notch security standards to be maintained by any company that wants to be a player, this is problematic and dangerous.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware like MAZE is commonly delivered to vulnerable businesses through phishing attacks, including the use of fake websites and dodgy attachments to infect systems. Phishing has grown exponentially in 2020, and COVID-19 related attacks are on track to be the biggest phishing scam driver in history.

United States – Kentucky Employee Health Plan 

Exploit: unauthorized database access
Kentucky Employee Health Plan: health insurance provider 

Risk to Small Business: 1.462 = Severe

Two data breaches compromised plan mem

bers’ personal data and enabled bad actors to steal more than $100,000 in gift cards. Hackers used valid login information to access the system in the first breach and were able to compound the damage of that breach in a second breach. The second breach accessed member programs to redeem reward points for gift cards. The two breaches created scrutiny and drew calls for further investigation as to whether the “bad actors” were from outside the office or if insider threats were the root cause.  

Individual Risk: 2.703 = Moderate

Hackers accessed users’ account portals containing their screening and health assessment data. Although this attack appears to be financially motivated, healthcare-related data often makes its way to the Dark Web, where it can be used to execute additional fraud attempts. Those impacted by the breach should immediately update their account passwords while monitoring their accounts for suspicious activity.  

Customers Impacted:  2,700

How it Could Affect Your Customers’ Business: whatever the results of this investigation show, it raises the question of insider threats. Whether staffers are accidentally or deliberately giving information and passwords to bad actors, insider threats have to be a top concern for every business

Canada – Chartered Professional Accountants of Canada

Exploit: phishing
Chartered Professional Accountants of Canada: professional membership organization  

Risk to Small Business: 1.

317 = Severe

The organization recently disclosed that personal information for its members had been compromised following a successful phishing attack in April. CPA Canada announced the results of its completed investigation, determining that the compromised information primarily affected subscribers of its CPA Canada magazine and an indeterminate number of website users. Impacted members were sent a phishing email asking them to change their user information on the organization’s online platform.

Individual Risk: 2.238 = Moderate

The security alert sent to all users of the CPA Canada website or magazine subscribers notes that members should be wary of spear-phishing emails using industry-specific details from CPA Canada and change their login credentials on the website as a safety precaution.  

Customers Impacted: 329,000

How it Could Affect Your Customers’ Business: A data breach caused by a human error like phishing is a sign to an organization’s membership that it doesn’t take those members’ information security seriously, making it harder to retain members and sell professional resources. 

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:    

Ransomware is Everywhere, and Every Company is At Risk    

Ransomware is a growing menace to companies of every size and has surged to become even more popular as a means of attack. During the global pandemic, researchers reported that ransomware attacks have skyrocketed, increasing by more than 140% over 2019.  

Ransomware has not only become more pervasive; it’s also become more expensive. The expected cost of a ransomware attack, (including recovery, remediation, and ransoms), is expected to increase to $20 billion in 2021.  One U.S. oil and gas company lost a whopping $30 million to a single ransomware attack in 2019, and ransomware related downtime can also cost a fortune.  

Healthcare is an especially popular and juicy target for bad actors, and cyberattacks against healthcare industry targets have increased fivefold in 2020.  Ransomware risk has ravaged healthcare organizations providing essential COVID-19 care in the US, Canada, the UK, and other regions impacted by the pandemic.  

The most common method of delivery for ransomware is through a phishing attack, and they’ve jumped over 600% since the start of the COVID-19 pandemic. Don’t wait until ransomware makes an impact on your bottom line – start training every staffer thoroughly to make them the strongest possible defense against the phishing attacks that aim to deliver ransomware.  

BullPhish ID is the perfect training and testing solution for today’s remote workforce. This dynamic platform includes over 80 phishing kits (including the initial email and related landing page and reply email), and 50 security video campaigns (short animated videos with test and reply email), including training to resist COVID-19 phishing scams.  

Because phishing is a universal menace, we offer training materials in 8 languages, and we’re constantly updating our menu of training choices to account for new threats as they become apparent, keeping every user in an organization on guard for trouble like ransomware. 


A Note From Kobargo

Are You Staying Remote? Update Your IT Security Plan.    

Although many companies were accustomed to supporting a remote workforce at least part of the time before the global pandemic, every company that’s still operating had to quickly transition to a fully remote workforce as the pandemic took hold of the world – and some of them discovered that they liked it. 

Many companies used to only allow limited remote work, convinced that their staffers would be less productive at home without supervision. As remote work became a necessity during the COVID-19 restrictions imposed around the world, companies that braced for decreased productivity from their newly remote workforce were in for a surprise. Instead of diminishing production, remote work was boosting it, with one study reporting that remote workers on average worked 1.4 more days in a month than they did in the office.  

This has led to a sea change in the thinking about remote work. Myriad companies in a broad range of industries have already adopted or are beginning to adopt permanent remote work as a norm for staff. The enticement of smaller facility costs and more flexibility combined with the added staff productivity and satisfaction is encouraging progressive companies to stay fully remote – but remote work brings its own cybersecurity risks.

If you’re considering never going back to the office or even just keeping your staff flexible with extended remote capability, you’ll need to reconsider your cybersecurity posture. Remote work may bring many benefits, but it also brings new cybersecurity challenges to the table. Choosing the right cybersecurity stack (including a digital risk protection platform) to support remote work today can save many headaches, and dollars, in the future. 


Contact Kobargo Technology Partners to schedule a free consultation today!

Comments are closed.

Sign up for our Newsletter


By submitting this form, you are consenting to receive marketing emails from: Kobargo Technology Partners, 12425 W. Bell Road, Surprise, AZ, 85378, http://www.kobargo.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact