
The Week in Breach News: 07/31/24 – 08/06/24

August 07, 2024

This week: Ransomware disrupts the blood supply in Florida; another cyberattack on a major mine; five new UK- and Canada-oriented phishing simulation kits are here; and why an antiphishing solution is a smart investment.





OneBlood

https://floridapolitics.com/archives/687948-oneblood-says-systems-are-rebooting-after-cyberattack/

Exploit: Ransomware

OneBlood: Non-Profit


Risk to Business: 2.356 = Extreme

A July 17 ransomware attack on OneBlood, a nonprofit serving hospitals in Florida, has disrupted its ability to ship blood products. The organization has implemented manual processes, which are slower and affect inventory availability. Over 250 hospitals were asked to activate their critical blood shortage protocols while OneBlood works to resolve the issue. State officials are pointing the finger at Russia, but that has not been confirmed. 

How It Could Affect Your Customers’ Business: Attacks that interrupt the medical supply chain have the potential for catastrophic consequences.

Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>


City of Columbus, Ohio

https://www.nbc4i.com/news/local-news/columbus/ransomware-group-claims-columbus-attack-selling-6-terabytes-of-passwords-and-more/

Exploit: Ransomware

The City of Columbus, Ohio: Municipal Government


Risk to Business: 1.356 = Severe

Rhysida has announced that it stole 6.5 terabytes of sensitive data from City of Columbus servers following a ransomware attack on July 18. The attack led to the shutdown of multiple online city services and compromised the personal information of many police officers, including their bank accounts. Notably, no data was encrypted. The stolen information includes internal logins, city databases, a full dump of servers with emergency services applications, and access to city video cameras. Rhysida has demanded a $1.9 million ransom. The incident is under investigation by cybersecurity experts, the U.S. Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security. 

How It Could Affect Your Customers’ Business: Beyond snarling services, attacks against municipal governments also have the potential to expose highly sensitive data.

Kaseya to the Rescue:  Learn about the factors that have shaped cybersecurity in 2024 and be ready for what’s next with the knowledge you’ll gain from our Midyear Cyber-risk Report 2024. GET REPORT>>


Jerico Pictures Inc.

https://securityaffairs.com/166539/data-breach/personal-data-3-billion-people-data-breach.html

Exploit: Hacking

Jerico Pictures Inc.: Background Check Data Company 


Risk to Business: 1.721 = Severe

Jerico Pictures Inc., operating as the background-checking data company National Public Data, exposed the personal information of nearly 3 billion individuals in an April breach. The threat actor known as USDoD announced the sale of this data, including full names, Social Security numbers, and addresses, on a dark web forum for $3.5 million. National Public Data collects such information by scraping non-public sources.

How It Could Affect Your Customers’ Business: Data repositories like this one are treasure troves for bad actors, supplying them with many types of saleable data in a one-stop shop.

Kaseya to the Rescue: In The Comprehensive Guide to Third-Party and Supply Chain Risk, you’ll learn about the risks presented by business connections and how to mitigate them. GET THE EBOOK>>



Mexico – Fresnillo PLC

https://cybersecuritynews.com/fresnillo-plc-suffer/

Exploit: Hacking

Fresnillo PLC: Silver Producer


Risk to Business: 2.632 = Moderate

Fresnillo PLC, the world’s leading silver producer, has reported a significant cybersecurity incident involving unauthorized access to IT systems and data. The company has activated response protocols and assures stakeholders that operations continue normally with no reported financial or operational impact. The incident is still under investigation. 

How It Could Affect Your Customers’ Business: It’s critical for companies to put themselves in the best possible position for a fast, smooth incident response.

Kaseya to the Rescue:  Are you taking advantage of the amazing benefits you get when you combine RocketCyber Managed SOC and Datto EDR? This product brief outlines them all! DOWNLOAD IT>>





UK – Sable International

https://therecord.media/hackers-email-victims-customers-data-breach

Exploit: Hacking

Sable International: Immigration Services


Risk to Business: 1.612 = Severe

Sable International, with offices in the UK, Australia, and South Africa, has been targeted by a sophisticated cyberattack that forced the company to shut down its servers, website, and transactional portals. The BianLian ransomware gang has claimed responsibility and is pressuring the firm by emailing demands to its customers who had data stolen. As of Friday afternoon, the company’s website remains offline.

How it Could Affect Your Customers’ Business: Bad actors are always on the hunt for the slightest opening in a company’s armor that they can exploit to strike.

Kaseya to the Rescue:  Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for social sharing! DOWNLOAD IT>>





Zimbabwe – ZB Financial Holdings

https://www.techzim.co.zw/2024/08/zb-financial-holdings-hacked-for-ransom-customer-operations-data-leaked-to-the-internet/

Exploit: Ransomware

ZB Financial Holdings: Financial Services


Risk to Business: 1.896 = Severe

ZB Financial Holdings, a major Zimbabwean financial institution, suffered a ransomware attack in July, resulting in the leak of data to the internet after the company refused to pay the ransom. The leaked data includes customer and employee information, account applications, and files dating back to 2017. The attack may be connected to a notice ZB issued on July 16 about system instability.

How it Could Affect Your Customers’ Business: The financial services industry has been high on cybercriminals’ hit lists, consistently remaining in the top five most attacked industries.

Kaseya to the Rescue: Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>> 





India – C-Edge Technologies

https://www.reuters.com/technology/cybersecurity/ransomware-attack-forces-hundreds-small-indian-banks-offline-sources-say-2024-07-31/

Exploit: Ransomware

C-Edge Technologies: Financial Services


Risk to Business: 1.661 = Severe

C-Edge Technologies, a tech service provider for banks, suffered a ransomware attack, leading to its temporary isolation from the NPCI’s retail payment systems. This disruption caused nearly 300 small Indian banks to shut down temporarily. The issue, reported on July 29, impacted cooperative and regional rural banks, affecting about 0.5% of the country’s payment systems. The connection with C-Edge was restored on August 1.

How it Could Affect Your Customers’ Business: A successful cyberattack on a key service provider can have a disastrous impact on the businesses it supplies too.

Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>





Australia – McDowall Affleck

https://thecyberexpress.com/mcdowall-affleck-cyberattack/

Exploit: Hacking

McDowall Affleck: Engineering Firm


Risk to Business: 2.236 = Moderate

McDowall Affleck, an Australian engineering firm specializing in designing storage tanks and pipelines, has reported a cyber incident after the RansomHub ransomware group claimed responsibility. RansomHub alleges to have accessed 470 GB of internal data, including critical documents, insurance records, and personal information. The company has notified the Australian Cyber Security Centre and regional police and is cooperating with authorities.

How it Could Affect Your Customers’ Business: Information about infrastructure components stolen from companies that supply, manufacture or service it can help bad actors attack critical infrastructure targets.

Kaseya to the Rescue: There are a bewildering array of acronyms used for cybersecurity technologies. This infographic breaks down six of them. DOWNLOAD IT>> 





1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident.





5 New UK & Canada-focused phishing simulations


Cybercriminals don’t take time off in the summer, which is why every employee needs to be alert to email-based threats. This is the perfect time for businesses with offices in the UK and Canada to test employee phishing awareness with these new phishing simulation kits.

  • Flair Airlines – 10% Discount on Your Next Flight! (Canada)
  • Flair Airlines – Your $100 CAD Coupon (Canada)
  • HSBC UK – Account Closure Notice (UK – English)
  • HSBC UK – New Documents Are Available (UK – English)
  • HSBC UK – Verify Your Account (UK – English)

Learn more in the Update Notes. READ MORE>>





MDR makes implementing a smart security strategy simple


With RocketCyber’s robust managed detection and response (MDR) capabilities, implementing the most powerful security strategy is a piece of cake. Our platform, combined with the superior efficacy of Datto AV and Datto EDR, offers a strong pillar to support a comprehensive, multilayered security strategy.

  • See how our XDR platform offers comprehensive visibility across endpoints, networks and cloud infrastructure.
  • Learn why combining our MDR with Datto AV and EDR provides top-tier malware and zero-day threat detection.
  • Explore the benefits of having expert analysts provide 24/7 monitoring, minimizing false positives and ensuring swift threat response.

DOWNLOAD THE INFOGRAPHIC>>

Did you miss… the Graphus TrustGraph Feature Sheet? DOWNLOAD IT>>






While many facets of cybersecurity are constantly growing and evolving, one bedrock fact seems destined to remain true: phishing is the top threat vector for cyberattacks. In fact, 78% of respondents in the Kaseya Security Survey Report 2023 said they believe their organization will be hit by phishing in 2024. To combat this growing threat, businesses must bolster their defenses against phishing and the email-based threats it brings in its wake. Let’s take a look at the reasons why implementing an AI-driven antiphishing solution is a smart and cost-effective way to strengthen email security, protect data, reduce costs and enhance overall cybersecurity.





The rise of artificial intelligence (AI) has given bad actors easy access to tools that enable them to craft hard-to-detect phishing messages without the usual red flags and to distribute those malicious messages at scale. Here are a few reasons why incorporating an AI-driven antiphishing solution into your email security strategy is crucial for preventing trouble.


Reducing financial loss from phishing attacks


A successful phishing attack can lead to significant financial losses from many components of an incident, such as unauthorized transfers, ransom payments and theft of sensitive data. By preventing these attacks, AI antiphishing solutions save companies from potential financial disasters. In addition, phishing attacks often result in business downtime, operational disruptions and costly incident response measures. AI solutions can minimize these disruptions by catching and quarantining sophisticated threats that onboard email security or a secure email gateway (SEG) might miss, like zero-day threats, preventing a potential cyber disaster.


Cost-effectiveness now and in the future


AI antiphishing solutions can scale with the company as it grows, providing consistent protection without the need for a proportionate increase in human resources or IT infrastructure. This scalability makes it a cost-effective long-term investment. The innovative features and automations available in a quality antiphishing solution will also automate the detection and mitigation of sophisticated phishing threats, reducing the need for manual intervention and freeing up IT and security staff to focus on more strategic tasks.




Proactive threat detection and faster response


The cyberthreat landscape evolves quickly. Traditional email security technologies like native email security or a SEG may struggle to keep up with the varied tactics of phishing attackers. AI solutions utilize machine learning to continuously learn from new data and adapt to emerging threats, offering a more proactive and robust defense. This proactive approach reduces the likelihood of successful attacks, which in turn saves money. AI-driven systems can respond to phishing attempts in real time, often neutralizing threats before they can cause harm. This superior response capability reduces the window of vulnerability, minimizing the potential impact of phishing on the company.


Long-term ROI


While there may be an upfront cost to implementing an AI antiphishing solution, the long-term return on investment (ROI) is significant. The cost of a single successful phishing attack that ultimately results in ransomware, business email compromise (BEC) or another damaging cyberattack will far exceed the investment in an AI-based phishing defense solution. In our survey, 70% of respondents said that a successful ransomware attack would have a serious impact on their organization, and 17% said that a successful ransomware attack would be fatal for their company. Plus, the continual evolution of the solution through machine learning makes it future-ready and eliminates the need to buy a new solution every few years.





An antiphishing solution is an essential component of email security because phishing attacks remain one of the most prevalent and effective methods cybercriminals use to breach organizations. The rise of artificial intelligence (AI) has given bad actors easy access to tools that enable them to craft hard-to-detect phishing messages without the usual red flags and distribute them at scale. Here’s why incorporating an antiphishing solution into your email security strategy is crucial: 

1. High prevalence of phishing attacks 

Phishing grows hand-in-hand with email traffic, making prevention a major cybersecurity priority.

  • Most common attack vector: Phishing is consistently ranked as the top method used by cybercriminals to infiltrate organizations. Nine in ten cyberattacks start with a phishing message. Given that email is a primary communication tool for businesses, it naturally becomes a significant target for attackers looking to distribute phishing attempts.
  • Wide reach and impact: One malignant email can reach a large number of targets in an organization quickly. Even a small success rate can lead to a cybersecurity nightmare like a malware infection or a data breach.

2. Sophistication of phishing techniques 

Bad actors benefit from new technologies too when creating clever new phishing messages.

  • Evolving tactics: Phishing attacks have evolved beyond the obvious scams of the past. Today’s phishing emails are often highly sophisticated, utilizing social engineering, personalized content and even spoofed email addresses that closely mimic legitimate sources.
  • Bypassing traditional security: Basic email filters and traditional security measures often fail to catch today’s highly advanced phishing attempts, especially when AI has been utilized to eliminate the hallmarks of phishing.



3. Human error 

Humans can be tricked into making a mistake through clever social engineering, but AI can’t be fooled.

  • The weakest link: Phishing emails typically exploit human psychology by creating a sense of urgency or trust. Making matters worse, bad actors can leverage AI tools to eliminate many of the red flags that users have been trained to look for.
  • Mitigating risk: An antiphishing solution acts as an additional layer of defense by automatically detecting and neutralizing phishing emails before they can reach an employee, thus reducing the risk of human error. 

4. Protection from financial loss 

The cost of improving email security is much less than the cost of an incident.

  • Stop credential theft: Phishing attacks often aim to steal login credentials, which can lead to unauthorized access to financial accounts and data. An effective antiphishing solution helps prevent this by identifying and blocking these attempts. 
  • Prevent a cascade of costs: The monetary cost of a successful phishing attack can be enormous. Beyond immediate losses, businesses may face legal consequences and long-term damage to their brand. An antiphishing solution helps mitigate these risks by stopping phishing attempts before they cause harm. 

5. Compliance and regulatory requirements 

  • Regulatory and compliance pressure: Many industries are subject to strict regulations regarding data protection and cybersecurity. Implementing an antiphishing solution can help bolster an organization’s compliance with regulations and insurance requirements.
  • Incident reporting: A quality antiphishing solution offers automated reporting and logging features, which can aid in compliance by providing detailed records of detected and blocked phishing attempts. 



6. Integrated threat intelligence 

Choosing a solution that updates itself without human intervention hardens security.

  • Real-time updates: AI-driven antiphishing solutions incorporate threat intelligence feeds that provide real-time updates on emerging phishing campaigns and tactics. They can make use of this data to tailor protection without human intervention. This ensures that your email security is always up-to-date on the latest threats. 
  • Adaptive defense: With AI and machine learning, antiphishing solutions can learn from past phishing attempts and adapt to new ones, continuously improving their ability to detect and block sophisticated attacks. 

Bonus: Peace of mind

  • Demonstrate security savvy: Having robust, layered email security as part of a defense-in-depth approach to cybersecurity shows business partners that an organization has been thoughtful about building its security.
  • Reduce IT team pressure: An automated antiphishing solution is on the job 24/7/365 and never takes a vacation. AI ensures that the solution is making smart choices about catching and quarantining emails. Automatic updating and threat analysis alleviate maintenance burdens. Plus, reducing the number of junk alerts technicians have to wade through lowers IT team stress and boosts efficiency.




Kaseya’s Security Suite has the tools that MSPs and IT professionals need to mitigate cyber risk effectively and affordably with automations and AI-driven features that make IT professionals’ lives easier.    

BullPhish ID: This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.     

Dark Web ID: Our award-winning dark web monitoring solution is the channel leader for good reason. It provides the greatest amount of protection around with 24/7/365 human- and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.    

Graphus: Graphus is a cutting-edge, automated phishing defense solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone solution or supercharges your Microsoft 365 and Google Workspace email security.  

RocketCyber Managed SOC: Our managed detection and response (MDR) solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.     

Datto EDR: Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).      

Datto AV: Safeguard businesses effortlessly against sophisticated cyberthreats, including zero-days and ransomware, with AI-driven, next-generation antivirus protection that is over 99% effective, far surpassing the industry average. 

Learn more about our security products, or better yet, take the next step and book a demo today! 



Demystifying Email Security – Making Sense of Email Alphabet Soup 

August 8, 2024 | 1 PM ET/ 10 AM PT

Email is one of the most crucial tools for businesses. Unfortunately, it is also the primary vector for cyber threats. Businesses need robust email security that can prevent email-borne threats from becoming disasters. But how can you be sure you’re making a smart choice in a crowded landscape?

Join Chris McKie, Kaseya’s VP of Product Marketing, Networking and Security Solutions, for a webinar that will bring clarity to that dilemma. In this webinar, we will:

  • Walk you through the complexities of email security and how to facilitate secure email communication.
  • Demystify the alphabet soup of email protocols, such as SPF, DKIM, DMARC and more.
  • Share practical strategies and best practices to minimize your email threat vector and enhance your organization’s email security.

Don’t miss this illuminating session! REGISTER NOW>>

August 8: Kaseya+Datto Connect Local Perth (Australia) REGISTER NOW>>

August 18: Kaseya+Datto Connect Local Perth REGISTER NOW>>

August 22: Kaseya+Datto Local Symposium Long Branch REGISTER NOW>>

August 28: Kaseya+Datto Connect Local New York REGISTER NOW>>

September 19: Kaseya+Datto Connect Local the Netherlands REGISTER NOW>>

October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>

November 12 – 14: Kaseya DattoCon APAC (Sydney) REGISTER NOW>>




Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!