Saturday, November 13, 2021

Why You Should Build Your Cyber Resilience

 


Cyberattack threats are headed for your business. In the recent IBM Cyber Resilient Organizations Study 2021, researchers reported that 67% of respondents said that the volume and severity of cybersecurity incidents that they’re facing have increased in the past 12 months. With the pace so high, you can’t afford to put your business operations on hold while you pivot to incident response. That’s why you need to make sure that you’re building a cyber resilient organization that can keep on chugging in adverse conditions.

One of the most impactful ways that you can build your cyber resilience is by choosing a zero-trust approach to your company’s security. When researchers asked the leading businesses in the survey about the benefits of zero-trust security, 65% said that zero-trust security has fundamentally strengthened their cyber resilience.  

Zero-trust security architecture is also the model that the US federal government is moving toward, and elements of that strategy will be required for federal contractors in the near future. Start your journey to a cyber-resilient zero-trust security model by implementing identity and access management (IAM) with a solution like Passly. Multifactor authentication, a feature of IAM solutions, is a foundational element of zero-trust security as well as a smart choice to immediately improve your company’s cyber resilience.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Adopting Zero-Trust Security



Zero-trust security has been a hot topic, especially in light of rulemaking by the US federal government to move agencies and government contractors into a zero-trust framework in response to a spate of damaging high-profile infrastructure and supply chain attacks that sometimes included nation-state threat actors in 2021. The Colonial Pipeline incident and the subsequent outcry was a major catalyst for action at both the federal and state level. Cybersecurity legislation is on the agenda in every state legislature and congress, and many of those proposals include zero-trust elements. 

The Cyber Resilient Organizations Study has previously reported on the benefits of zero-trust security. This year, researchers took another look at how using a zero-trust approach to security benefits businesses and reduces risk, specifically by boosting their cyber resilience. Those findings showed that 35% of respondent organizations said that they have already adopted a zero-trust security strategy. Of that group, 65% agreed that zero-trust security fundamentally strengthens cyber resilience. That’s a great indicator that increased cyber resilience is a useful goal when looking at big-picture ways to avoid a costly data breach.

Why Are Companies Adopting Zero-Trust? 

  • 66% said to improve operational efficiency
  • 63% to reduce security risks
  • 38% said for better IT team support
  • 34% said to reduce costs
  • 23% said for a competitive advantage
  • 4% cited other reasons like regulation



What Leaders Are Doing & How to Follow Them 


Taking a look at what the leading organizations in the survey are doing to achieve high cyber resilience is important to determine exactly what benefits businesses get from building their cyber resilience. It also opens a window into the security mindset of leading organizations. There have been a few changes from 2020’s results that are evident in the 2021 survey as businesses have grappled with the volatility of today’s threat landscape.  

What Are Leaders Considering? 

  • 66% of 2021 leaders say that security automation and AI are important, up slightly from 63% in 2020 
  • 60% recognize that cyber resilience impacts a company’s revenue, up from 56% in 2020 
  • 41% say that cyber resilience impacts brand value and reputation, down from 46% in 2020 
  • And new this year, 41% of leaders are regularly assessing third-party risk 

IBM also lays out a series of recommendations to improve cyber resilience: 

  • Create and test incident response plans: comparison research shows that regularly updating and reviewing incident response plans was a key reason why cyber resilience improved for 47% of high performers. IBM recommends developing both enterprise-wide CSIRPs and threat-specific incident response plans as well as drilling them regularly. 
  • Protect your critical databases: 52% of the survey respondents ranked leakage of high-value information assets as a key measure of severity in data breach incidents.  Developing a comprehensive data security strategy is suggested to help organizations reduce risk. 
  • Keep systems running with advanced protection from cyberthreats: 47% of the companies surveyed ranked data center downtime as a key measure of severity. The report points to proactive threat management with a zero-trust approach as a good way to avoid system downtime. 
  • Speed up analysis with AI and threat intelligence: 47% of respondents cited diminished productivity of employees as a measure of severity in security incidents. More advanced analytics and automated workflows are pointed out as processes that can give teams time back for threat investigation. 
  • Break down silos and increase visibility: High-performing organizations said that the inability to reduce silos (87%) and lack of visibility into applications and data assets (74%) were their top two blockers when it comes to improving their cyber resilience. Researchers say that an open platform that fosters integrations between technology can help unite disjointed processes and data and provide broad visibility.
  • Implement a patch management strategy: Delay in patching vulnerabilities is always a security bugbear, and 59% of average respondents cited it as a major reason why their organization’s cyber resilience didn’t improve. IBM suggests a formal vulnerability management program to help cybersecurity teams proactively identify, prioritize and remediate the vulnerabilities that threaten critical assets. 


The Week in Breach News: 11/03/21 – 11/09/21

Canada’s biggest cyberattack ever disrupts Newfoundland and Labrador healthcare, ransomware is the real villain at Diamond Comic Distributors, phishing wreaks havoc at a defense contractor plus a look at the big benefits of high cyber resilience from the new 2021 IBM Cyber Resilient Organizations Study.





Diamond Comic Distributors 

https://bleedingcool.com/comics/diamond-comic-distributors-targeted-by-ransomware-attack/ 

Exploit: Ransomware

Diamond Comic Distributors: Periodical Distributor 


Risk to Business: 1.417= Severe

It’s a bird, it’s a plane, it’s a ransomware attack at Diamond Comic Distributors. The Baltimore-based company, the exclusive distributor of Image Comics and a publishing outlet for dozens of small-press comics publishers, suffered a ransomware attack last Friday that took down the company’s website and customer service platforms all weekend into Monday. Diamond said in a statement that it did not anticipate that any customer financial data had been impacted by this event. Investigation and recovery is underway with some functions already restored. 

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown



Electronic Warfare Associates (EWA)

https://www.msspalert.com/cybersecurity-news/electronic-warfare-associates-ewa-data-breach-email-phishing-incident-details/

Exploit: Phishing 

Electronic Warfare Associates (EWA): Defense Contractor


Risk to Business: 1.822=Severe

A phishing attack that snared an employee is the suspected cause of a breach at defense contractor Electronic Warfare Associates (EWA). The company is a major provider of specialized software for the US defense establishment including the Pentagon, the Department of Defense (DoD), the Department of Justice (DoJ) and the Department of Homeland Security (DHS). EWA’s investigation determined that an attacker broke into an EWA email account in August 2021 after a phishing operation. The intrusion was uncovered when the attacker attempted a wire transfer. Employee PII was exposed and concern remains that sensitive defense information may also have been exposed.


Individual Risk: 1.703=Severe

EWA has admitted that the attackers snatched files with certain personal information including name and Social Security Number and/or drivers’ license number for an undisclosed number of EWA employees, but no further information was given.

Customers Impacted: Unknown







Newfoundland and Labrador Health 

https://www.securitymagazine.com/articles/96481-canadian-healthcare-system-suffered-cyberattack 

Exploit: Ransomware

Newfoundland and Labrador Health: Healthcare System


Risk to Business: 1.442=Extreme

What may be the largest cyberattack in Canadian history crippled the healthcare system of the province of Newfoundland and Labrador on October 30th. The suspected ransomware attack hit scheduling and payment systems, causing widespread interruptions in patient care including the cancellation of all non-urgent imaging and medical appointments as well as a reduction in chemotherapy sessions and significant complications for the province’s COVID-19 response. Eastern Health reported that their payment systems to suppliers and vendors were also targeted by the attack. Email and telephone capability has been restored in some locations and an investigation is ongoing.

Individual Impact: No information about the exposure of patient information was disclosed in this incident as of press time. 

Customers Impacted: Unknown







Greece – Danaos Management Consultants 

https://splash247.com/greek-shipowners-cyber-tricked-over-halloween-weekend/

Exploit: Hacking

Danaos Management Consultants: Maritime IT


Risk to Business: 1.615= Severe

Maritime clients who use the communication systems of Danaos Management Consultants found themselves without some communications capability after a cyberattack blocked their communication with ships, suppliers, agents, charterers and suppliers. Several Greek shipping companies were impacted. The incident also resulted in the loss of an unspecified amount of files and correspondence for the impacted shipping firms. 

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown



Germany – Media Markt

https://www.bleepingcomputer.com/news/security/mediamarkt-hit-by-hive-ransomware-initial-240-million-ransom/

Exploit: Ransomware

Media Markt: Electronics Retailer 


Risk to Business: 1.512= Severe

Electronics retailer MediaMarkt has suffered a ransomware attack that caused the company to shut down some IT systems, impacting store operations in the Netherlands and Germany. While cash registers and payment card systems in brick-and-mortar locations were disrupted, online sales were not impacted. The attack was purportedly carried out by the Hive ransomware outfit, who initially demanded $240 million in ransom.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown






Australia – mySA Gov 

https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.html 

Exploit: Hacking

mySA Gov: Government Services Platform


Risk to Business: 1.595 = Extreme

South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack. Officials went on to say that the hackers gained access to several mySA Gov accounts that were secured with recycled passwords. The department went on to say that there was no evidence of any unauthorized transactions on the impacted accounts while encouraging users to update their passwords. 


Individual Risk: 1.595 = Extreme

A report from ABC says that 2,601 mySA Gov accounts were accessed in the attack, with 2,008 of them containing registration and licensing information. It is unclear if any information was exfiltrated. 

Customers Impacted: Unknown 







1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk



Are You Prepared to Face Today’s Prime Threat?



The 9th edition of The ENISA Threat Landscape (ETL) report is out, and it lays out the findings of their experts and observers after analyzing what they saw in 2021 including the biggest threats that they see businesses facing today. 

To no one’s surprise, ransomware topped the list, climbing up from thirteenth place last year. It was followed by its progenitor, malware, which fell from the top spot down to number two, and cryptojacking, which climbed up to number three in 2021 from fifteenth place in 2020.

What does this mean for your business? That building a strong defense against ransomware and mitigating your ransomware risk is more important than it’s ever been before to the continued success of your business – after all, 60% of businesses that are hit by a cyberattack shutter within a year.  

Your business isn’t immune to this danger. No business is too small to become the next victim of a ransomware attack – 50% of ransomware attacks in the last 12 months have hit SMBs, and 55% of those ransomware attacks have hit businesses with fewer than 100 employees. ENISA researchers cautioned that small ransoms are popular with cybercriminals because they can get paid without troublesome press coverage. 

Be sure that you’ve got the right defenses in place, including a security awareness program like BullPhish ID that helps you defend against ransomware and other cyberattacks to ensure that your business is ready for whatever cyberthreats you may face in the future.



The Week in Breach News: 10/27/21 – 11/02/21

Ransomware sours operations at dairy powerhouse Schreiber Foods, jeweler to the stars Graff is in the wrong kind of spotlight, an old gang with a new name hits the NRA, trouble at the Toronto Transit Commission and a look at the 9 biggest threats from ENISA’s Threat Landscape (ETL) report.





The National Rifle Association (NRA)

https://www.nbcnews.com/tech/security/cybercriminals-claim-hacked-nra-rcna3929

Exploit: Ransomware

National Rifle Association: Gun Rights Activist Group


Risk to Business: 1.417= Severe

Guess who’s back? Cybersecurity researchers believe that the notorious Evil Corp has rebranded itself as Grief, the group that has claimed responsibility for a probable ransomware attack at The National Rifle Association (NRA). Grief posted 13 files to its news website last Wednesday after they claimed to have hacked the NRA. The gang is threatening to release more of the files if they’re not paid, but no ransom demand was specified. NBC News reported that the files it saw were related to grants. The samples provided by the gang include blank grant proposal forms, a list of recent grant recipients, an email to a recent grant winner earlier this month, a W-9 form and the minutes from a September 24th NRA teleconference meeting.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown



PracticeMax 

https://www.govinfosecurity.com/phi-stolen-in-practice-management-firms-ransomware-attack-a-17813

Exploit: Ransomware

PracticeMax: Medical Practice Management Services 


Risk to Business: 1.822=Severe

A ransomware attack on medical practice management services firm PracticeMax may have exposed Protected Health Information. The company notified members of VillageHealth that they may have been impacted by a cyberattack in April and May of 2021. VillageHealth is a care coordination program for patients with chronic conditions run by DaVita Inc. and offered through health plans including Anthem and Humana. PracticeMax indicates the breach affected more than 4,400 of its members in legal filings, but a company statement warns that they cannot say for sure that any data was actually accessed or stolen.


Individual Risk: 1.703=Severe

In breach notification letters being sent on behalf of DaVita, Humana and Anthem, PracticeMax says the incident affected PHI including members’ first and last name, date of birth, address, phone number, Social Security Number, member ID number and clinical data pertaining to services received through the VillageHealth program. 

Customers Impacted: Unknown



United States – Schreiber Foods

https://www.zdnet.com/article/schreiber-foods-back-to-normal-after-ransomware-attack-shut-down-milk-plants/

Exploit: Ransomware

Schreiber Foods: Dairy Processor


Risk to Business: 1.442=Extreme

Wisconsin-based dairy powerhouse Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack ground operations to a halt over the weekend. The company announced that a “cyber event” had disrupted operations at its processing and distribution centers after critical systems were knocked or taken offline. Schreiber uses a variety of digital systems and computers to manage milk processing, so this event impacted the entire dairy supply chain in the US. This is the latest incident in a string of massive production-impacting cyberattacks against agricultural sector targets. The company is the largest milk processor in Wisconsin, and it has reportedly been hit with a $2.5 million ransom demand.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown







Canada – Toronto Transit Commission (TTC)

https://www.cbc.ca/news/canada/toronto/ttc-ransomware-attack-1.6231349

Exploit: Hacking

Toronto Transit Commission (TTC): Government Entity 


Risk to Business: 1.615= Severe

The Toronto Transit Commission was the victim of a ransomware attack that it says began last Thursday night and expanded on Friday. Officials were quick to assure the public that the attack has not caused any significant disruption to transit service and the public and employees are not at risk. They specified that transit vehicles are continuing to service their routes, but apps and computer displays of route information are being affected. There’s no word on when those functions will be restored.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown






United Kingdom – Graff 

https://www.dailymail.co.uk/news/article-10148265/Massive-cyber-heist-rocks-high-society-jeweller-Graff.html

Exploit: Ransomware

Graff: Jeweler


Risk to Business: 1.512= Severe

The Conti ransomware gang made headlines again with a successful ransomware attack against high-society jeweler Graff. The company counts clients like Donald Trump, David Beckham, Oprah Winfrey and other major-league clientele. Graff operates at the top end of the diamond jewelry market, with more than 60 retail stores worldwide. Reports say that the Conti group has already posted 69,000 confidential documents on its dark web leak site including client lists, contact data and other proprietary information. Ransom demands are reported to be in the millions of pounds.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown



Poland – C.R.E.A.M. Finance   

https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.html 

Exploit: Cryptojacking (Misconfiguration)

C.R.E.A.M. Finance: Decentralized Lending Platform 


Risk to Business: 1.595 = Extreme

For the third time this year, cybercriminals have hit lending platform C.R.E.A.M. Finance, stealing cryptocurrency. This time, thieves made off with $130 million worth of cryptocurrency assets. According to the experts, the attackers have likely exploited a vulnerability in the platform’s flash loan feature, then transferred the stolen funds to a wallet under their control before splitting them through other wallets.  This is the third successful heist from the platform this year. Crooks jacked $29 million in August 2021 and $37 million in February 2021. 

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown 






Thailand – Centara Hotels & Resorts 

https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/

Exploit: Ransomware

Centara Hotels & Resorts: Hotel Chain


Risk to Business: 1.637 = Severe

The Desorden ransomware group claims to have stolen over 400GB of files and databases containing information belonging to millions of hotel guests of Thailand’s Centara Hotels & Resorts. The hotel chain is part of Central Group, a conglomerate that also includes the Central Restaurants Group, which it hacked earlier this month. The hackers made it clear that this attack was in retaliation for the Central Group’s refusal to pay the ransom for the first attack after negotiating and promising payment. That incident would have provided a ransom payment of $900,000 before Central Group backed out of the deal on Tuesday, spurring the second attack.


Individual Risk: 1.818 = Severe

The company admitted that attackers had in fact breached their system and accessed the data of some customers. The data accessed includes names, booking information, phone numbers, email addresses, home addresses and photos of IDs. Whether or not passport data was included was not specified but it is commonly requested. The theft is said to have affected guests who stayed at the hotel chain between 2003 and 2021, including any guests that made advance bookings up to December 2021.

Customers Impacted: Unknown







1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


