
Cyber Threat Report for the Week of 6/23/21

CVS Health Faces Data Breach, 1B Search Records Exposed
Over 1 billion search records were accidentally posted online in a CVS Health data breach in late March, as reported by an independent cybersecurity researcher.
 
Most Firms Face a Second Ransomware Attack After Paying off First
Some 80% of businesses that choose to pay to regain access to their encrypted systems experience a subsequent ransomware attack, and 46% of those believe it was carried out by the same attackers.
 

First American Financial's SEC Breach Settlement: $488,000
An SEC document reveals that information security staff members at the company were aware of a software vulnerability for five months but failed to fix it, leading to the breach.

The data breach exposed personal and mortgage-related documents via an online document-sharing system that held some 800 million documents. The files contained personal data, including Social Security numbers, financial information, driver's license scans, PDFs of home closing documents, wire transfers, and more dating back to 2003.

This Is How Fast a Password Leaked on the Web Will Be Tested Out by Hackers
Cybersecurity researchers planted phony passwords on the web. They found that attackers were extremely quick to test whether the usernames and passwords worked.
 
Complex Supply Chain Logistics is Leaving Defense Contractors Vulnerable
With contractors in the crosshairs of hostile nation-state hacking groups and ransomware gangs, the Department of Defense is in the midst of implementing a new evaluation program called the Cybersecurity Maturity Model Certification (CMMC).
 
Researcher Claims Apple Downplayed Severity of iCloud Account Takeover Vulnerability
A security researcher claims he discovered a critical vulnerability in Apple’s password reset feature that could have been used to take over any iCloud account, but Apple has downplayed the impact of the flaw.
 
Water Sector Security Report Released Just as Another Water Plant Hack Comes to Light
The same day the report was published, NBC News revealed that a hacker attempted to poison an unnamed water treatment plant that serves parts of the San Francisco Bay Area on January 15.
 
Insight Global Calls on Former Employees to Secure PII Data Breach
Fired PA contractor Insight Global asked former employees to secure documents from its contact tracing program months after its PII data breach was supposedly secured.
 
Most Organizations Would Pay in the Event of a Ransomware Attack
Despite the Director of the FBI, the US Attorney General, and the White House warning firms against paying cyber-related ransoms, 60 percent of organizations have admitted they would shell out funds in the event of an attack, according to research from Harris Interactive.
 
One in Five Manufacturing Firms Targeted by Cyberattacks

Information-stealing malware makes up about a third of attacks, a study finds, but companies worry most about ransomware shutting down production.


The past week was another busy one (see below) for cybercriminals and those of us who help keep them at bay. There appears to have been an uptick during the past week in attacks against the health care sector, with successful attacks against hospitals and insurance providers. This is not surprising given how valuable complete patient record sets are compared to partials, not to mention how critical health care IT operations are.

Now is a good time for you to review your backup procedures. Colonial Pipeline restored most of its data from backups, but a small percentage of data was corrupted in the process. That corrupted data forced Colonial to pay the ransom in order to restart its operations. Don’t assume that backing up is good enough; you need to regularly test your backups to ensure data integrity. In the end, not testing cost Colonial $4.4 million, and even though some of the money was recovered, its operations were shut down for 8 days.

If you were successfully attacked, could you afford some part of $4 million in addition to being shut down for over a week?