The Week in Breach News: 08/16/23 – 08/22/23
This week: Malicious insiders speed off with data at Tesla, The Clorox Company faces a big cleanup after a ransomware mess, why a lack of training leads to disaster and details about our upcoming cyberattack trends webinar.
See what the biggest cybersecurity challenges are right now in our Mid-Year Cyber Risk Report 2023. DOWNLOAD IT>>
Tesla
Exploit: Malicious Insider
Tesla: Car Company
Risk to Business: 1.276 = Extreme
Tesla has admitted that it had a data breach in May 2023 that was caused by malicious insiders. Allegedly, two or more Tesla employees stole data including customer data from Tesla and leaked it. The German news outlet Handelsblatt obtained the data and published an analysis of it, which is how Tesla found out about the data breach. The treasure trove contained 100 gigabytes of confidential data, which included employees’ names and contact information such as addresses, cell phone numbers, and email addresses. The leaked data also included around 2,400 customer complaints about Tesla cars suddenly accelerating and a further 1,500 complaints of braking issues, including 383 cases of “phantom braking”.
How It Could Affect Your Customers’ Business: No matter how loyal a company’s staff may seem, no company should ever discount the possibility of malicious insider activity.
Kaseya to the Rescue: Learn more about how to spot and fix both malicious and accidental insider risks in our eBook The Guide to Reducing Insider Risk. DOWNLOAD IT>>
The Clorox Company
https://cybernews.com/news/clorox-company-hack-shutdown/
Exploit: Ransomware
The Clorox Company: Consumer Product Manufacturer
Risk to Business: 1.405 = Extreme
The Clorox Company, best known for producing liquid bleach and cleaning products, is facing a cleanup of its own after it was forced to take some systems offline to clean up after being hit with a probable ransomware attack. The company said that the attack has impacted and will continue to impact its operations but did not specify which products may be impacted. The company did not say if any data was accessed or stolen by the bad actors. Clorox said that it has informed law enforcement of the incident and it is working with third-party cybersecurity experts to investigate the attack and restore its operations.
How It Could Affect Your Customers’ Business: A ransomware attack can be especially devastating for a manufacturer by shutting down production lines and disrupting other OT.
Kaseya to the Rescue: Learn the basics about different types of ransomware attacks and follow the path of a ransomware attack in our eBook Ransomware 101. DOWNLOAD IT>>
Prince George’s County Public Schools (PGPS)
https://www.fox5dc.com/news/pgcps-network-hit-by-cyberattack-4500-accounts-affected
Exploit: Hacking
Prince George’s County Public Schools (PGPS): Education Authority
Risk to Business: 1.673 = Severe
Right at the start of the school year, Prince George’s County Public Schools in Maryland announced that it was the victim of a cyberattack. The attack caused a broad internet outage throughout the system. PGPS said that it believes that the majority of the impacted accounts belonged to staffers, emphasizing that no impact has been observed in its primary business and student information systems. An investigation is ongoing.
How It Could Affect Your Customers’ Business: Schools have been under siege by bad actors hoping to score a quick ransomware payment.
Kaseya to the Rescue: Explore how security awareness training helps organizations defend against today’s most dangerous cyber threats in this infographic. DOWNLOAD IT>>
Geico
Exploit: Supply Chain Attack
Geico: Insurer
Risk to Business: 2.610 = Moderate
Insurance giant Geico is the most recent company to become entangled in the MOVEit exploit saga. The company confirmed to reporters that it has experienced a data breach that has led to the exposure of employee personal data due to a service provider’s use of MOVEit. Geico sent employees a letter advising them that their data had been exposed but did not specify exactly what data may have been impacted.
How It Could Affect Your Customers’ Business: Supply chain attacks are escalating, and just one attack on a supplier can be a big problem that brings big bills for any organization.
Kaseya to the Rescue: Every company needs to be ready for trouble with an incident response plan in place to minimize downtime and speed up recovery. This checklist can help. DOWNLOAD CHECKLIST>>
M&T Bank
https://www.jdsupra.com/legalnews/m-t-bank-files-notice-of-data-breach-3084032/
Exploit: Supply Chain Attack
M&T Bank: Bank
Risk to Business: 1.673 = Severe
On August 14, 2023, M&T Bank filed a notice of data breach with the Attorney General of Massachusetts. In this notice, M&T explains that the breach is the result of a data security incident at a service provider related to the MOVEit exploit that resulted in an unauthorized party being able to access consumers’ sensitive information including manes and account data. M&T Bank is offering free credit monitoring services to anyone affected by the breach. The incident is in the early stages of investigation.
How it Could Affect Your Customers’ Business: Governments of every size and government agencies have been high on cybercriminal hit lists.
Kaseya to the Rescue: Our eBook How to Build a Security Awareness Training Program helps IT professionals design and implement an effective training program quickly. DOWNLOAD IT>>
What cybercriminal tricks do employees fall for in phishing simulations? Find out in this infographic. GET IT>>
United Kingdom – Swan Retail
https://techmonitor.ai/technology/cybersecurity/swan-retail-cyberattack
Exploit: Hacking
Swan Retail: Business Services Provider
Risk to Business: 1.682 = Severe
UK retail business services provider Swan Retail had been knocked offline, causing a major disruption for more than 300 independent retailers. The August 13, 2023, attack impacted Swan Retail’s inventory management, order fulfillment and accounting systems. The company works with around 300 independent retailers around the UK in a variety of verticals including fashion, home goods, sports, catering and garden centers. Swan Retail said it is working to restore systems quickly.
How it Could Affect Your Customers’ Business: This is a good example of what happens when an important service provider gets shut down by ransomware
Kaseya to the Rescue: See how the solutions in Kaseya’s Security Suite help IT professionals minimize risk, avoid cyberattacks and build a cyber-savvy workforce. WATCH THE WEBINAR>>
Australia – Energy One
Exploit: Hacking
Energy One: Business Software Provider
Risk to Business: 1.413 = Moderate
Wholesale energy software provider Energy One has revealed that a cyberattack on August 18, 2023, resulted in some corporate systems in Australia and the United Kingdom being taken offline. Energy One specified that it has disabled some links between its corporate and customer-facing systems as a safety measure. It is also working to determine what if any data was accessed by the attackers. The company said it has engaged cyber security specialists, CyberCX, and alerted the Australian Cyber Security Centre and certain UK authorities about the incident, which remains under investigation.
How it Could Affect Your Customers’ Business: It is important that companies ensure that they have a plan in place for all types of incidents.
Kaseya to the Rescue: Learn more about how our Security Suite can help MSPs protect their clients from expensive and damaging cyberattacks and other information security trouble. GET THE FACT SHEET>>
Australia – The au Domain Administration
Exploit: Ransomware
The au Domain Administration: Domain Authority
Risk to Business: 1.302 = Extreme
The au Domain Administration has finally admitted that it has been the victim of a cyberattack by the ransomware group NoEscape. AuDA had maintained that it had not fallen victim to a cyberattack initially but changed its tune after the ransomware group posted a sample of AuDA’s data on its leak site. NoEscape says that it has pilfered more than 15GB of data, providing screenshots of some AuDA customer documents as proof of the hack. AuDA said that it is auDA working with the Australian Cyber Security Centre, the Department of Home Affairs and the Office of the Australian Information Commissioner as well as outside cybersecurity experts in its ongoing investigation.
How it Could Affect Your Customers’ Business: Ransomware can hit any organization in any sector, and every business needs to be ready.
Kaseya to the Rescue: Follow the path to see how Managed SOC defends businesses from cyberattacks efficiently and effectively without breaking the bank in a handy infographic. GET IT>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident
Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>
New Disaster Preparedness Campaign
Disasters can happen at any time. This new campaign will help you educate clients about the importance of disaster preparedness. SEE CAMPAIGN>>
Disaster Preparedness: Surviving the Unexpected
MSP Value Proposition:
An unexpected disaster can devastate a business, resulting in costly downtime, data loss, and reputational damage that can be tough to overcome. Help clients and prospects understand the importance of effective disaster preparedness planning that will help them bounce back from natural disasters, cyber incidents, and other unforeseen events.
End Buyer Value Proposition:
From spilled coffee on a laptop to flooded offices, disasters come in all types and sizes. Make sure you’re ready to respond to whatever comes your way by developing a comprehensive disaster preparedness strategy that reduces the likelihood and impact of disasters—both big and small—on your business.
Check out our Quick Start Guide for help learning how to use the Pro Campaigns.
How much is data really worth on the dark web? Find out in The IT Professionals Guide to the Dark Web! GET EBOOK>>
The Comprehensive Guide to Business Email Compromise 2023 Edition
A newly updated 2023 edition of The Comprehensive Guide to Business Email Compromise (BEC) is here! Packed full of updated stats and information about BEC, this guide takes you through BEC events to show you just how those dangerous scams may look and how to keep businesses out of trouble.
Download The Comprehensive Guide to Business Email Compromise 2023 edition now! DOWNLOAD IT>>
Did you miss… How Datto EDR with Ransomware Rollback Helps You Recover Fast from a Ransomware Attack infographic? DOWNLOAD IT>>
Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>
A Lack of Training Haunts Businesses
Cybersecurity awareness training has been a bit of a struggle for businesses to embrace. In the SMB Security for MSPs Report 2022, we asked business IT decision-makers about their commitment to cybersecurity awareness training. Shockingly, only 43% of respondents said that their organization conducts security awareness training at all. That has come back to haunt many businesses. Later in the report, we asked small businesses about their security woes, more than 40% of respondents blamed their security issues on a lack of training for employees – and they’re right. Let’s look at why cybersecurity awareness and phishing resistance training is a must-have for every business.
Excerpted in part from our new eBook Security Awareness Upgraded: Enter the Simulation. GET IT>>
Why security awareness training matters
Security awareness training is a modern essential for many reasons. First and foremost, it can prevent employee errors that lead to a data breach or cyberattack. Even a modest investment in security awareness and training has a 72% chance of significantly reducing the business impact of a cyberattack. Plus, security awareness training is now required by most insurers to obtain or remain compliant with requirements for obtaining cyber insurance. It has also become a requirement for compliance with many regulatory standards.
3 big benefits of security awareness training
- Only 16% of employees recognize cyber threats without security awareness training
- Trained employees reduce the likelihood of security incidents by up to 70%
- Trained employees reduce the financial impact of a cyberattack by 72%
Explore the nuts and bolts of ransomware and see how a business falls victim to an attack. GET EBOOK>>
Lack of employee training engagement and security knowledge retention hurts businesses
It’s essential that training captures an employee’s attention in order for it to be effective. The best and most comprehensive training programs require employees to take initiative, learn the material and retain it. To defend against the draining effect of employee apathy, trainers need to become storytellers. Consistent messaging that fosters a culture of security is essential to the success of a security awareness training program
Employees aren’t naturally security savvy
- 45% of respondents in a HIPAA Journal survey said that they don’t need to worry about cybersecurity safeguards because they don’t work in the IT department.
- An estimated 97% of employees in a wide array of industries are unable to recognize a sophisticated phishing email
- Negligent employees create over 60% of security incidents.
It’s smart to focus on phishing
A comprehensive security awareness training program includes elements like password hygiene and best practices for data privacy and security. However, when it comes to the human element of cybersecurity, phishing is one of the biggest potential vulnerabilities.
Unlike a DDoS attack, phishing preys on human emotions, and most of today’s most damaging cyberattacks start with a phishing email. It’s essential that businesses harden security against phishing by educating employees about phishing to inoculate them against falling for these manipulative attacks. Research shows that 1 in 3 employees are likely to click links in phishing emails — and it only takes one misguided click to cause a potentially catastrophic breach.
Get the scoop on 5 of the worst email-based attacks plus tips to protect businesses from them. GET INFOGRAPHIC>>
6 Must-Haves for a Phishing Simulation Platform
A phishing simulation platform can help control costs, keep your employees up to date and reduce your IT overhead. However, not all platforms have the same capabilities. Look for these properties in your ideal vendor:
- Ease of deployment – It should be easy to set up and run simulations without overtaxing the IT team.
- Engaging content – A rich set of plug-and-play simulation kits, along with training that employees are eager to engage with.
- Flexibility – Administrators should be able to customize the phishing emails to be more relevant to the organization, create their own materials or use pre-made templates.
- Automation – The ability to schedule training and simulations in advance.
- Reporting – Reports that show results for the organization and individuals to drive continuous improvement.
- Multiple languages – Training materials should be accessible and understandable, even by employees who don’t speak English.
Kaseya’s Security Suite Offers IT Professionals the Tools for Security Success
Get powerful protection and must-have tools for keeping businesses out of cybersecurity trouble with Kaseya’s Security Suite.
BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.
Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.
Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.
Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.
Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).
Top Cyberattack Trends of 2023
A review of this year’s worst attacks and how to mount a defense
Tuesday, August 29, 2023 |12pm ET | 9am PT
In today’s cybersecurity landscape, nothing is constant except change. 2023 has been no exception. In the Mid-Year Cyber Risk Report 2023, we explored six of the cyber risks that are trending now, with real-life examples. Join Miles Walker, Channel Development Manager, on August 29, 2023, at 12 pm ET/9 am PT for a deep dive into this year’s worst attacks and how to mount a defense that can keep your business out of trouble. REGISTER NOW>>
August 22: Kaseya + Datto Connect Local Kansas City REGISTER NOW>>
August 29: Kaseya + Datto Connect Local San Diego REGISTER NOW>>
August 29: Kaseya + Datto Connect Local Denmark REGISTER NOW>>
August 31: Kaseya + Datto Connect Local Sweden REGISTER NOW>>
September 7: Kaseya + Datto Connect Local Netherlands REGISTER NOW>>
September 14: Kaseya + Datto Connect Local San Antonio REGISTER NOW>>
September 21: Kaseya + Datto Connect Local Nashville “Building the Business” Series REGISTER NOW>>
September 26: Kaseya + Datto Connect Local Sugarland Sales & Marketing Series REGISTER NOW>>
September 28: Kaseya + Datto Connect Local Charlotte REGISTER NOW>>
October 2 – 4: Kaseya DattoCon in Miami REGISTER NOW>>
Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!