Wednesday, April 28, 2021

Ransomware Risk is a Rising Tide That Can Swamp Your Business

Ransomware Risk is a Rising Tide That Can Swamp Your Business


Cybercriminals are refining their approach to ransomware, and risk has risen worldwide. Targeted ransomware is today’s rising trend. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. Recent numbers logged by UK researchers show a record-breaking 11% year-on-year increase in attacks against UK targets in Q1 2021.

Every business is at risk of falling victim to ransomware – after all, more than 60% of organizations worldwide experienced a damaging ransomware incident in 2020. Ransomware has especially battered healthcare targets, but that’s not the only industry that’s experiencing increased risk. No matter the size, your business is at an increased risk of experiencing a ransomware incident in today’s volatile threat landscape, and that danger is growing.

How can you guard against becoming a victim of targeted ransomware? By taking sensible precautions that keep your systems and data safe, like phishing resistance training using BullPhish ID. Your employees can learn to spot and stop real risks that are prevalent in your industry in customized phishing simulations. If you’re not already using multifactor authentication with Passly, this is a great time to add it. It stops 99% of password-based cybercrime, including cybercriminals with a password that they just phished off an unwary employee. 

In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email-based attacks like targeted ransomware attacks in the next year, up from 59% in 2020. But you don’t have to join that number- put strong protections in place now and you can have peace of mind that you’ve chosen a powerful defense for your essential systems and data.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Week in breech



United States – Manhunt

https://www.infosecurity-magazine.com/news/dating-service-suffers-data-breach/

Exploit: Hacking

Manhunt: Dating App

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.667= Severe 

Social network and dating site Manhunt has suffered a data breach. The company filed a declaration with Washington state regulators disclosing that the 20-year-old site was compromised in a cyberattack that took place in February 2021. An unauthorized third party downloaded personal information belonging to some Manhunt users after gaining access to the company’s account credential database. In the notice of data breach, Manhunt revealed that the personal information of an estimated 7,714 Washington residents had been affected, but did not say how many of the site’s approximately 6 million users outside of Washington state were affected.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.667= Severe 

The compromised database contained customers’ usernames, email addresses, and passwords. After discovering that a breach had occurred, Manhunt performed a forced reset of all users’ passwords. The stolen information could be used to mount phishing, blackmail and identity fraud attacks. 

Customers Impacted: Unknown

How It Could Affect You: Hacking into databases is a profitable enterprise for cybercriminals, especially when juicy personal details are acquired. If you’re storing that kind of information, ensuring that you’re using strong security for information storage is essential.

United States – Eversource Energy

https://www.bleepingcomputer.com/news/security/eversource-energy-data-breach-caused-by-unsecured-cloud-storage/

Exploit: Unsecured Database

Eversource Energy: Power Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.807= Severe 

Eversource Energy, the largest energy supplier in New England, has suffered a data breach after customers’ personal information was exposed on an unsecured cloud server. The company serves 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire. The unsecured database allegedly contained unencrypted files created in August 2019 that included the personal information of 11,000 Eversource eastern Massachusetts customers.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.177= Severe 

Eversource Energy disclosed to customers that the unsecured cloud storage server exposed their name, address, phone number, social security number, service address, and account number. The utility is offering a free 1-year identity monitoring service for impacted customers through Cyberscout.

Customers Impacted: Unknown

How it Could Affect You Unsecured data is a rookie move. Make sure that everyone is following cybersecurity best practices to avoid costly mistakes. 



United States – Radixx

https://www.bleepingcomputer.com/news/security/eversource-energy-data-breach-caused-by-unsecured-cloud-storage/

Exploit: Malware

Radixx: Software Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.207 = Severe

Travel software company Radixx has disclosed a data breach caused by a malware attack that has triggered a dayslong outage, snarling reservations systems at about 20 low-cost airlines around the world. The company said it noticed “unusual activity” around its reservations program on Tuesday. It did not describe the malware or say how it got into the program. Radixx’s parent company is travel software giant Texas-based Sabre Corp.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect You: Hacking that disrupts operations has become an increasingly serious problem for businesses that provide services like software and data storage. 



United States – Gyrodata 

https://portswigger.net/daily-swig/mining-technology-company-gyrodata-hit-by-ransomware-attack-employee-data-leaked

Exploit: Ransomware

Gyrodata: Mining Technology

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.463 = Severe 

A ransomware attack against mining technology organization Gyrodata has potentially leaked the sensitive information of current and former employees. Gyrodata said it has been the victim of a ransomware attack that led to a possible data breach. So far, the number of potential victims has not been confirmed, though Gyrodata, which is headquartered in Houston, Texas, has multiple offices worldwide in countries including Saudi Arabia, UAE, Ecuador, Malaysia, and Scotland.

Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing. 

Customers Impacted: Unknown

How it Could Affect You: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.






United Kingdom – University of Portsmouth

https://www.infosecurity-magazine.com/news/campus-closed-portsmouth/

Exploit: Ransomware

University of Portsmouth: Institution of Higher Learning 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.672 = Severe 

IT systems at the University of Portsmouth were knocked offline this week after a supposed ransomware attack, delaying the start of the new term. Although it was due to open on Monday for the start of the summer term, the university campus will continue to remain closed to students until at least 04/30/21 due to an inability to access online learning or data tools. 

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing. 

Customers Impacted: Unknown

How it Could Affect You: Ransomware, especially targeted ransomware, is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen about disrupting business operations and holding them hostage until they’re paid. 



France – Laurent Perrier

https://securitynewswire.com/latestsecuritynews/mobile_article.php?title=Fr_Champagne_group_Laurent_Perrier_has_been_victim_of_cyber_attack

Exploit: Ransomware

Laurent Perrier: Champagne Maker 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.217 = Severe

French Champagne giant Laurent Perrier had fallen victim to ransomware. The company is beginning investigation and recovery, but some IT systems are still offline, impacting production and delivery. The French champagne house is the main company of the Laurent-Perrier Group, whose other flagship brands include the houses of Salon, De Castellane and D. 

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect You: Cybercriminals love ransomware because it is easy and profitable. Companies need to pay close attention to ransomware trends to stay out of their clutches. 



cyberpunk 2077 malware represented by a futuristic looking cityscape featuring many neon signs at night


Australia – ClickStudios 

https://www.scmagazine.com/home/security-news/data-breach/researchers-say-password-manager-hit-in-supply-chain-attack/

Exploit: Hacking

ClickStudios: Password Security Software Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.112 = Severe

Researchers report that password manager maker ClickStudios suffered a breach, sometime between April 20 and April 22, which resulted in the attacker dropping a corrupted update to its password manager Passwordstate. A zip file contained a dynamic link library with the malicious code, according to the blog. The associated malware dubbed Moserpass – which was in the file name of a malicious dll found by researchers – called out to a command and control server to execute the next stage of the attack. However, that server went down before CSIS Security Group could grab and examine any second-stage malware that might have been used in follow-up operations. The compromise is under investigation. 

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect You: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.






Taiwan- Quanta 

https://www.reuters.com/technology/apple-supplier-quanta-says-no-business-impact-ransomware-attack-2021-04-21/

Exploit: Ransomware

Qanta: Technology Manufacturing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.661 = Severe 

Apple supplier Qanta is dealing with a suspected ransomware incident. Quanta Computer is a manufacturer of many flagship Apple products, including its MacBook line. Russian hacker group REvil is the culprit. The gang says that it has had accessed confidential data from the Taiwan-based contract manufacturer’s servers. the data includes stolen blueprints for unreleased products, and the hackers are threatening to release more. data after posting samples on their hack site. The ransom demand is rumored to be in the tens of millions of dollars and the cybercriminals are demanding payment by May 1. 

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect You: Cybercrime is around every corner, especially ransomware. Protecting sensitive data like schematics and blueprints is vital for components and technology manufacturers, especially for new products. 






1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Friday, April 23, 2021

Third-Party Risk Brings Danger to Your Door Daily

Third-Party Risk Brings Danger to Your Door Daily


Even if you’re making all the right cybersecurity moves, can you be certain that every organization that your business has a relationship with is doing the same thing? 98% of organizations have had a threat arrive at their doorstep because of a data breach or security incident a third party or supply chain source in the last 12 months – and that’s a vector for incoming cyberattacks that you may not even know about.

Third-party and supply chain risk can come from any vendor or service provider that you do business with. Are you outsourcing file transfers or information storage? That’s how more than a dozen universities were hacked using information gained in a breach at transference and collaboration specialist Accellion. Using specialized software for fundraising? Hundreds of leading charitable organizations and trusts were too – and many of them were hacked because of a data breach at software provider BlackBaud. 

No business can exist without others. Any organization that has information about your business could be putting your systems and data at risk. As the world becomes more interconnected and cloud-based, that risk is growing every year. New cyberattacks fueled by dark web data are adding to that risk too. At the start of 2020, an estimated 65% of the information already on the dark web could harm businesses, and 22 million more new records were added by the end of that year.

Reduce your company’s chance of damage from a third party or supply chain based attack by taking a few simple precautions. Add multifactor authentication to every account – Microsoft says that it stops 99% of password-based attacks. Increase phishing resistance training too. Much of the data that bad actors gain is used for spear phishing. Dark web monitoring helps reduce risk too by alerting you if any of your company’s protected credentials are exposed.

How about some good news? By following these tips, you’re not just increasing your company’s protection against third party and supply chain risk. You’re also boosting your organization’s overall cybersecurity posture against many other damaging risk like ransomware and account takeover as well as increasing your cyber resilience – and that delivers you some much-needed peace of mind.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Secure Your Clients Against Third Party/Supply Chain Risk Fast

Secure Your Clients Against Third Party/Supply Chain Risk Fast


CISA has declared April National Supply Chain Integrity Month. But you don’t have to be a US-based business to benefit from this helpful reminder! No business is an island and third-party/supply chain risk is snowballing for every organization. As a flood of records stolen in data breaches continues to fuel cybercrime from the dark web, your clients are at an increased risk for BEC, ransomware, spear phishing, impersonation scams and so much more. this problem isn’t going away anytime soon. In fact, expect it to continue getting worse. You’ll want to review your clients’ security posture against third-party and supply chain risk today(TPR/SCR) – and we’re here to help you address vulnerabilities fast!


get cyber resilient to avoid healthcare ransomware attacks



Almost Every Business Experienced a TPR/SCR Risk in 2020

In an increasingly interconnected world, companies are more intertwined than ever before. MasterCard’s Risk Recon unit reported on the proliferation of risk factors that businesses face today in The State of Third-Party Risk. Their survey respondents said that when it came to the necessity of checking vendors for cybersecurity risks, one-third assessed fewer than 25 vendors annually, another third checked between 25 and 100 and the last third dealt with more than 100 vendors. About 5% of respondents were in charge of assessing more than 750 third per year! Even a highly reputable major vendor like Microsoft could saddle businesses with an unexpected vulnerability.

Just because they’ve reached out to assess cybersecurity procedures and policies at a potential third party or supply chain connection, that doesn’t mean that the connection is safe. While 81% of respondents claimed that 3/4 of their vendors pass their security questionnaires, only 14% of those surveyed trust those responses. 31% of respondents stated that they have vendors they considered to be a material risk in the event of a data breach. That tracks with other industry data indicating that an astonishing 98% of monitored organizationsclocked a threat from a supplier domain in 2020.



Don’t miss these bad password lists & good password tips. DOWNLOAD IT>>


More Dark Web Data = More TPR/SCR

Why are organizations facing more relationship risk than ever before? An enormous amount of data hit the dark web last year, including an estimated 22 million new records. Experts already estimated that 65% of the information on the dark web at the start of 2020 could harm businesses. Those new records and other scraped or stolen information provide abundant fresh fuel for cybercrime, increasing everyone’s risk. Threats from suppliers’ jacked domains are also a huge problem. Cybercriminals piggybacking on legitimate business domains has increased risk in every sector. About 74% of those threats are phishing attempts or impostor schemes, and almost 30% were malware-related.

Newly ascendant supply chain and third-party risks have had a profound impact on business security. When looking at the fallout, another survey reported that 80% of respondents had suffered at least one breach via the supply chain, a majority had suffered at least two breaches and one in ten had suffered more than six. The manufacturing sector was especially beleaguered, with 57% of survey respondents saying they have suffered breaches related to supply chain exposure in the past 12 months. Visibility is a major concern – 29% of the executives said they had no way of knowing if a risk was spawned at a vendor until it became a cyberattack on their business.


malicious insider threats represented by a crime comic style blue eye looking through a peephole.



Mitigating This Risk Isn’t Impossible

TPR/SCR may be growing, but there’s no reason why your clients can’t gain some peace of mind against it when you guide them into taking a few practical, affordable steps to minimize their exposure and keep their data safe. The best part is that not only will these moves protect them from TPR/SCR, they’ll also gain additional protection against other cyberattacks that they might be faced with, increasing their overall cyber resilience. 

Password Compromise 

This huge pitfall is one of the top ways that companies gain risk exposure through the supply chain because password reuse is endemic and at least 65% of people reuse passwords across the board, including for business or enterprise accounts. But two solutions are strong defenders in the fight against password compromise risk from these sources.

  • Multifactor authentication stops 99% of password-based cybercrime including an employee’s often-recycled password, and it’s just one of the many tools that boost security through Passly.
  • Dark web monitoring with Dark Web ID gives IT teams crucial time to respond if a company’s passwords hit dark web markets or dumps no matter where they’re snatched from enabling companies to react before the bad guys do.

Spear Phishing & Ransomware

Exponential growth in phishing risk has put every business solidly in cybercriminal sights. Bad actors are using the data gleaned from breaches at service providers, manufacturers, wholesale suppliers, transportation companies, business services firms and more to mount phishing-based cyberattacks on companies in every industry. 

  • Reduce the chance of a phishing attack from harming a business by up to 70% with security awareness and phishing resistance training through BullPhish ID
  • Repeat that training at least quarterly using preloaded phishing simulation kits or customize the content to reflect industry-specific dangers including attachments and URLs

Securing your clients against the escalating risk that comes from third parties or the supply chain immediately is crucial – 72% of compliance leaders expect the number of TPR/SCR risk that companies face to increase in 2021. By acting now to take sensible precautions, you and your clients can feel confident that you’re insulated against this growing threat vector. Contact the experts at Bit by Bit to find the perfect combination of solutions to defeat this risk.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831