Cyber Attacks Are On The Rise, Are You Protected?

Risk to Business: 1.299 = Extreme

Lapsus$ also pulled off another high-profile attack, this time against access management company Okta. Lapsus$ announced that it had breached Okta’s security in January on March 22. Supporting the claim, the group published screenshots related to Okta’s internal apps and systems. This one had a bit of a bumpy acknowledgment process by Okta who originally said no customer data was accessed but later clarified, saying “a small percentage of customers – approximately 2.5% – have potentially been impacted and (their) data may have been viewed or acted upon.” A third-party service provider’s previous breach likely also played a part in the incident. No specifics on the data were given. As we stated above, Lapsus$ is typically involved in ransomware operations but no details of any ransomware activity have been reported.

How It Could Affect Your Business Cybercriminals know that service providers are a quick avenue to exploit for vulnerabilities that may allow them to penetrate a bigger company’s security.

Risk to Business: 1.721 = Severe

Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in a vishing attack. The company notified clients that on or around February 11, 2022, a threat actor impersonating Morgan Stanley gained access to their accounts by impersonating a Morgan Stanley representative and persuading those victims to provide the imposter their Morgan Stanley Online account info. After successfully breaching their accounts, the attacker also electronically transferred money to themselves using the Zelle payment service. No specifics have been given regarding the number of customers swindled, but the firm has stated that those clients were reimbursed.

How It Could Affect Your Business: Brand impersonation is a rising risk that businesses and consumers need to be aware of. almost all breaches are a result of a human making a mistake and that is why it is critical to provide your team with cyber security training.

Risk to Business: 1.909 = Severe

Russian meat wholesaler Miratorg Agribusiness Holding has suffered a major cyberattack that encrypted its IT systems. The attack was reported by Rosselkhoznadzor, Russia’s veterinary medicine and agricultural production and byproducts oversight body. The attackers reportedly made use of the Windows BitLocker feature to encrypt files, possibly gaining access through a state veterinary information service. Rosselkhoznadzor has suggested that this may be a nation-state cyberattack.

How it Could Affect Your Business Nation-state cybercrime is booming, especially around the Russia/Ukraine conflict. This particular malware used a feature built-in to your Windows computer to encrypt or lock your files. Without the decryption key from the cyber criminals, those files are inaccessible and effectively useless.

Risk to Business: 2.017 = Severe

ELTA, the state-owned provider of postal services in Greece, has disclosed a ransomware incident that has knocked most of the organization’s services offline. The organization announced that its IT teams have determined that the threat actors exploited an unpatched vulnerability to drop malware that allowed access to one workstation using an HTTPS reverse shell, encrypting systems critical to ELTA’s business operation. In simple terms, updates/patches were not up to date allowing the cyber criminals access to their network and encrypt their files. ELTA is currently unable to process mail, bill payments or any form of financial transaction orders with no estimate of when these services will be made available again.

How it Could Affect Your Business Cybercriminals love to target organizations in time-sensitive fields to increase their chance of scoring a big payday. This is a classic ransomware attack that will cost ELTA thousands in lost revenue, as well as potentially put them out of business. Keeping your software and systems up to date is critical in preventing cyber-attacks.

Risk to Business: 2.811 = Moderate

The Ministry of Defence has suspended online application and support services for the British Army’s Defence Recruitment System after bad actors compromised some data held on applicants. The army was informed of the break-in on March 14 along with a rumored threat to expose the stolen data on the dark web. The recruitment operations system is run by Capita, a vendor that handles marketing, processing applications and candidate assessment centers. No further information on what data was stolen or when systems will be restored to full operations has been released.

How it Could Affect Your Business Cybercriminals are always hungry for fresh data, especially valuable personal or financial information. If you have any type of customer data stored in your systems, you need to be sure to secure it. Utilizing modern security practices powered by the cloud, you can strengthen your defenses against these types of attacks.

Risk to Business: 2.176 = Severe

The RansomEXX ransomware group hit the Scottish Association for Mental Health, snatching 12 GB of sensitive client data from the charity. The organization confirmed the attack in a statement, explaining “We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organization that is relied on by people at their most vulnerable.” Attackers reportedly gained access to internal employee communications as well as other data sources.

Risk to Individuals: 2.307 = Severe

The exposed data includes unredacted photographs of individuals’ driving licenses, passports, personal information such as volunteers’ home addresses and phone numbers, and some clients’ passwords and credit card details.