
Cyber Attacks Are On The Rise, Are You Protected?


Risks evolve quickly in today’s fast-paced cyber threat landscape.

 

It can be hard for many to stay on top of exactly which risks their business needs to be the most concerned about right now.

 

After all, every organization works differently, giving your organization a unique array of risks that you need to be concerned about at any one time.

 

Here is a collection of recent cyber attacks on companies you may be familiar with, and what you can learn from each breach.

 

Microsoft

View source article.

Exploit: Unauthorized Access

Microsoft: Software Company

Risk to Business: 2.337 = Severe

The Lapsus$ gang has breached Microsoft’s Azure DevOps server, stealing 37GB of source code on projects relating to Bing, Bing Maps, and Cortana. Microsoft confirmed the incident, saying that the threat actors gained access through a compromised employee account. Microsoft made a blog post about its recent operations to track and potentially interfere with Lapsus$ last week. Lapsus$ is known to be a ransomware outfit, but no ransom activity was disclosed in this incident. Microsoft says “viewing source code does not lead to elevation of risk,” but it can give cyber criminals an edge in their attack.

How It Could Affect Your Business: Source code is a useful asset for cyber criminals that can help them develop new malware and attack techniques.

 

 

Okta

View source article.

Exploit: Credential Compromise (Supply Chain Risk)

Okta: Identity and Access Management Solutions


Risk to Business: 1.299 = Extreme

Lapsus$ also pulled off another high-profile attack, this time against access management company Okta. On March 22, Lapsus$ announced that it had breached Okta’s security in January. Supporting the claim, the group published screenshots related to Okta’s internal apps and systems. This one had a bit of a bumpy acknowledgment process by Okta, which originally said no customer data was accessed but later clarified, saying “a small percentage of customers – approximately 2.5% – have potentially been impacted and (their) data may have been viewed or acted upon.” A third-party service provider’s previous breach likely also played a part in the incident. No specifics on the data were given. As we stated above, Lapsus$ is typically involved in ransomware operations, but no details of any ransomware activity have been reported.

 

How It Could Affect Your Business: Cybercriminals know that service providers are a quick avenue to exploit for vulnerabilities that may allow them to penetrate a bigger company’s security.

 

 

United States – Morgan Stanley

View source article.

Exploit: Social Engineering (Vishing)

Morgan Stanley: Financial Services


Risk to Business: 1.721 = Severe

Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in a vishing attack. The company notified clients that on or around February 11, 2022, a threat actor gained access to their accounts by impersonating a Morgan Stanley representative and persuading those victims to provide the imposter with their Morgan Stanley Online account info. After successfully breaching their accounts, the attacker also electronically transferred money to themselves using the Zelle payment service. No specifics have been given regarding the number of customers swindled, but the firm has stated that those clients were reimbursed.

 

How It Could Affect Your Business: Brand impersonation is a rising risk that businesses and consumers need to be aware of. Almost all breaches are a result of a human making a mistake, and that is why it is critical to provide your team with cyber security training.

 

Russia – Miratorg Agribusiness Holding

View source article.

Exploit: Malware (Nation-State)

Miratorg Agribusiness Holding: Meat Distributor


Risk to Business: 1.909 = Severe

Russian meat wholesaler Miratorg Agribusiness Holding has suffered a major cyberattack that encrypted its IT systems. The attack was reported by Rosselkhoznadzor, Russia’s veterinary medicine and agricultural production and byproducts oversight body. The attackers reportedly made use of the Windows BitLocker feature to encrypt files, possibly gaining access through a state veterinary information service. Rosselkhoznadzor has suggested that this may be a nation-state cyberattack.

 

How It Could Affect Your Business: Nation-state cybercrime is booming, especially around the Russia/Ukraine conflict. This particular malware used a feature built into your Windows computer to encrypt or lock your files. Without the decryption key from the cyber criminals, those files are inaccessible and effectively useless.

 

Greece – Hellenic Post (ELTA)

View source article.

Exploit: Ransomware

Hellenic Post (ELTA): National Postal Service


Risk to Business: 2.017 = Severe

ELTA, the state-owned provider of postal services in Greece, has disclosed a ransomware incident that has knocked most of the organization’s services offline. The organization announced that its IT teams have determined that the threat actors exploited an unpatched vulnerability to drop malware that allowed access to one workstation using an HTTPS reverse shell, encrypting systems critical to ELTA’s business operation. In simple terms, updates/patches were not up to date, which allowed the cyber criminals to access the network and encrypt its files. ELTA is currently unable to process mail, bill payments or any form of financial transaction orders, with no estimate of when these services will be made available again.

 

How It Could Affect Your Business: Cybercriminals love to target organizations in time-sensitive fields to increase their chance of scoring a big payday. This is a classic ransomware attack that will cost ELTA thousands in lost revenue, as well as potentially put them out of business. Keeping your software and systems up to date is critical in preventing cyber-attacks.

 

United Kingdom – Ministry of Defence

View source article.

Exploit: Nation-State Hacking (Hacktivism)

Ministry of Defence: National Government Agency


Risk to Business: 2.811 = Moderate

The Ministry of Defence has suspended online application and support services for the British Army’s Defence Recruitment System after bad actors compromised some data held on applicants. The army was informed of the break-in on March 14 along with a rumored threat to expose the stolen data on the dark web. The recruitment operations system is run by Capita, a vendor that handles marketing, processing applications and candidate assessment centers. No further information on what data was stolen or when systems will be restored to full operations has been released.

 

How It Could Affect Your Business: Cybercriminals are always hungry for fresh data, especially valuable personal or financial information. If you have any type of customer data stored in your systems, you need to be sure to secure it. Utilizing modern security practices powered by the cloud, you can strengthen your defenses against these types of attacks.

 

 

Scotland – Scottish Association for Mental Health

View source article.

Exploit: Ransomware

Scottish Association for Mental Health: Healthcare Provider


Risk to Business: 2.176 = Severe

The RansomEXX ransomware group hit the Scottish Association for Mental Health, snatching 12 GB of sensitive client data from the charity. The organization confirmed the attack in a statement, explaining “We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organization that is relied on by people at their most vulnerable.” Attackers reportedly gained access to internal employee communications as well as other data sources.


Risk to Individuals: 2.307 = Severe

The exposed data includes unredacted photographs of individuals’ driving licenses, passports, personal information such as volunteers’ home addresses and phone numbers, and some clients’ passwords and credit card details.

 

 

How It Could Affect Your Business: This situation is especially unfortunate because, in addition to an expensive incident response, the organization likely faces costly penalties. This is a prime example of why cyber criminals do what they do: to steal personal information such as your driver’s license, passports, passwords, etc.

 

 

Are you protected against cyber attacks?

Contact us today or book a discovery session to explore cyber security solutions tailored to you and your business.
