Thanks to everyone who signed up to receive monthly information about email security. Many breaches could have been avoided if the proper email security was in place. Here are 5 cyber attacks that could have been avoided.
Thanks to all 14,832 subscribers. It really takes a community to fight against cyberattacks. Help us with our mission of helping 100,000 organizations become cyber-resilient by sharing this newsletter with your network!
In this week's Cyber Weekly:
GoAnywhere File Transfer service was hacked a few weeks ago. We’ve already reported on several organizations affected by the breach. The latest victim is a school in Tasmania, Australia where 16,000 files were leaked on the dark web. The hackers didn’t ask for a ransom. The files contain sensitive information about invoices and the children’s names, addresses and their parents’ names.
“The information released includes financial invoices and statements, including information relating to student assistance applications. This may include names and addresses and this is an evolving situation,” said the state’s science and technology minister, Madeleine Ogilvie. (theguardian)
My thoughts: It’s the beginning of a new era – where we will start paying attention to who we do business with. AND we will pay attention to their cyber security measures. If this story isn’t enough to persuade you to perform an “audit” of your vendors and their security, here are 5 third-party breaches that might convince you to take action.
Groupe Nordik owns Thermea spa village. They have three locations – Winnipeg, Quebec and Ontario. They learned in February that they were breached. Credit card information, full names, and addresses may have been compromised. The parent company only notified customers this week that their information was stolen. Customers have been sharing their stories online about the aftermath. One woman said she was charged $700 on her credit card. Another man said that the company engaged in weak data practices and will not return to this spa. (cbc, globalnews, citynews)
My thoughts: I think they should have told customers about the hack much earlier. Their customers could have been on the lookout for any strange charges. Unfortunately they may lose customers as a result of this incident.
New Jersey County Police Department was the lasts victim of a malware attack that locked up files regarding active criminal investigations. The hackers demanded hundreds of thousands of dollars to unlock the files. It is unsure if the department plans on paying the ransom. However, emergency services were not affected thankfully. At the time of writing this, about 80% of files were reopened. (nbcnewyork)
My thoughts: With limited technical details shared, it is obvious they didn’t have a backup or at least a recent backup of all their files. Perhaps their backups were also compromised? All organizations need their RPO and RTO to be aligned with what the department or business needs. How often do they need to backup information? In these case, they probably need backups taken a few times daily. Here is an article about the 3-2-1 backup rule to avoid even thinking about paying a ransom demand.
The Canadian communications giant, Rogers, suffered a severe outage for 12 million customer for 19 hours last year. It started a wave of discussions about how vulnerable we were as a nation. The giant Telco assured everyone that it was just an “IT issue” and there was nothing to worry about in terms of data privacy. This week, the Rogers’ database was apparently found being sold on a Russian forum online. (cybernews)
My thoughts: Was Rogers hacked and were they just trying to cover it up? Was this data stolen as part of that outage? This also highlights how important it is to protect your Active Directory landscape because it contains so much sensitive data. What are your thoughts?
Assurance IT is on a mission to help 100,000 companies become cyber resilient through our services and free content. We focus on helping mid-sized organizations with data protection and data privacy. Our primary services include: endpoint management, cloud backup, DRaaS, and Microsoft 365 backup. Help us accomplish this mission by sharing this newsletter to your network!
Access monthly conversations with IT & Tech Leaders about the hottest cyber security topics in the industry.