  • Avantia Threat Update

IN 2020 AN INDEPENDENT CYBER SECURITY AUDIT IS ESSENTIAL.

Updated: Jan 30


Before you can determine if you are safe, you need to know what doors are open.

This Past Week: Independent Certified 3rd Party Cyber Security Audits - a ‘necessity’ in 2020; Currency Exchange giant TRAVELEX nailed by malware; How to develop an Incident Response Plan; Predictions of how Artificial Intelligence will improve Cybersecurity in 2020; Ransomware closes a company’s doors; An online store gives away customer data; the UK has a rough year for data security; and major breaches in the UNITED KINGDOM, CANADA & USA.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums

Top Compromise Type: Domain

Top Industry: Non-Profit Organization

Top Employee Count: 1 - 10 Employees

______________________________________________________________________________


HOLISTIC CYBER SECURITY SAFETY AUDITS “A NECESSITY” IN 2020

Ever since the notion of cybersecurity as a ‘thing’ burst onto the radar of Small to Medium Businesses (SMEs) around 2015, with the revelation that major organised crime gangs and state-sponsored cyber hackers were utilising the Dark Web, the evolution of cryptocurrencies and the ‘deployment’ of blockchain to feed their criminal empires, SMEs (the ‘low-hanging fruit’) have been struggling to come to terms with the impact that it will have on their businesses. If your organisation is struggling to make sense of it, you’re not alone. Cyber crime is continuing to evolve and now presents as a major ‘industry sector’, just like “transportation” and “hospitality”. Cyber crime, however, fosters international criminal activity which is accelerating at an astounding rate. Experts predict it will rip up to US$12 Trillion out of the world economies by 2023. Malicious hacking for ‘profit’ has grown so quickly over the past 4-5 years that the ‘industry’ seems to ‘grow another face’ every week. That rapid escalation has overwhelmed many, with the predictable reaction that they throw their hands in the air, convince themselves that it will only happen to someone else and stick their heads in the sand waiting for it to go away. Clearly, it won’t.

In its totality, Cyber Security is such a BIG issue that it’s hard for SMEs to know where to start. Confusion in the marketplace is fostered in part by hardware and software vendors scrambling to get a piece of the action by launching new ‘tech tools’, as well as by the fallout from the vacuum created by the critical shortage of formally trained cyber security personnel. Many SME owners who have not “grown up” with computers, understandably, just don’t understand (and don’t want to understand) the whole cyber ‘thing’. They just want to pass the buck to someone else to manage cyber security so they don’t have to think about it.

Governments around the world see cyber crime as a sovereign risk to their business sectors and their economies and turn to the only lever they have: regulation and legislation. Many governments and government departments now require companies in their supply chain to prove that they meet essential cyber security standards before they will purchase goods or services from them. This is now filtering through to large companies and so on down the chain to the SME sector. Many don’t know where to start. Think of it like the dam of a mighty reservoir: where are the cracks in your wall, both on the inside and the outside, and how do you plug those cracks? Right now you could be thinking “I’m OK, I’ve got a great IT/MSP team looking after my cyber security”, and that’s great, but who is Monitoring the Monitors?

With such a critical issue, businesses need certainty. A ‘holistic’ Certified Cyber Security Safety Audit completed by an independent 3rd Party to validate an organisation’s cyber security status will become essential in 2020. Cyber Risk is about much more than IT infrastructure. It is essential to look at your overall Cyber Risk from a ‘holistic’ viewpoint, in the same way that a Doctor looks at your body when you book in for a full health check. They don’t just take your blood pressure, temperature, pulse and a quick physical and send you home; they will also do blood and urine tests, x-ray, ultrasonography, lung function test, cardiac test, check your mental state, medication and many more tests to determine your overall health and wellbeing. To be valid, an Independent Cyber Security Safety Audit must look at the ‘whole of business’ risk, not just the IT portion. IT risk is not Cyber Security Risk.


The 4 Pillars of Cyber Security are:

Operational Risk > Legal Risk > Reputation Risk and > Recovery Risk

The risk most companies and IT departments focus on is the Operational Risk and, whilst this is an important component, it’s not the only area of risk that can bring an organisation down.


Ask yourself these questions:

What is my legal exposure if a Client/Customer of mine gets hacked and suffers a loss due to my organisation’s negligence?


Do I have proof that my organisation and/or the organisation that manages our Cyber Security complies fully with the “Essential 8” ** ?


Have any of my employees been guilty of stealing information/data from previous employers - do I really know ‘who they are’?


Is the Cyber Insurance policy that I took out 3 years ago “fit for purpose” today?


Can I prove that my organisation is in complete compliance with the Companies Code and other ‘cross over’ legislation in my jurisdiction?


If my organisation does not have a ‘mature’ cyber security status, independently verified, will it affect the enterprise value of my business in 2020 or beyond?


** The Australian Cyber Security Centre’s (ACSC) ‘Essential 8’ mitigation strategies are a prioritised list of security controls organisations can implement to protect their systems against a range of adversaries. The Australian Government Signals Directorate (ASD) found that, when operating effectively, compliance with the Essential 8 mitigates 85% of the operational risks of targeted cyber-attacks. It is currently in place in a number of Federal & State Government organisations and has now become available for implementation by selected Cyber Security companies in the Private Sector.

A Comprehensive Certified Independent 3rd Party Cyber Security Safety Audit of the 4 Pillars of Cyber Security is the first step towards transparency for Suppliers, Customers and Regulators and will make your organisation truly Cyber Resilient. Visit https://www.avantiacybersecurity.com/cyber-security-audit for more information.


Paul Nielsen is Managing Director of Avantia Corporate Services Pty Ltd and lead for the company’s Cyber Security division based in Brisbane, Australia. Paul is a 2018 Graduate of Harvard University’s Office of The Vice Provost for Advances in Learning course ‘Cyber Risk in the Information Age’ and is Cyber Security Ambassador to the Council Of Small Business Organisations Of Australia Ltd. Avantia’s team of IT Technicians, Lawyers, Social Media Auditors, Insurance Executives and Cyber Risk Experts provides Independent Cyber Security Safety Audits with detailed Audit Reports and recommendations for remediation throughout Australia. He can be contacted on +61 7 30109711 or pauln@avantiacorp.com.au. Avantia Cyber Security is a Registered Partner of the Australian Cyber Security Centre.


ACSC Advisory: Critical Vulnerabilities for Microsoft Windows Announced, Patch Urgently

On 15 January 2020 (AEDT), Microsoft released security patches for three critical and one important vulnerabilities in the Microsoft Remote Desktop Client, Remote Desktop Gateway and the Windows operating system. The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise their networks. See ACSC Advisory 2020:02: https://www.cyber.gov.au/threats/advisory-2020-002-critical-vulnerabilities-microsoft-windows-announced-patch-urgently


CYBER ATTACK FORCES CURRENCY EXCHANGE GIANT TRAVELEX OFFLINE

Foreign currency exchange Travelex has taken its UK website and services offline after malware was found on its systems on New Year’s Eve. Founded by Lloyd Dorfman, Travelex is headquartered in London and the company provides international payments, currency exchange services, and prepaid credit cards for travelers.

In a statement posted on Twitter, the company confirmed that some of its services were impacted by the infection and that it took all of its systems offline to prevent further compromise. “As a precautionary measure in order to protect data and prevent the spread of the virus, we immediately took all our systems offline,” the company announced. The exchange’s network of branches continues to provide services to its customers, but only manually. Travelex’s UK website remains offline at the time of publishing.

In its Twitter statement, the company also announced that a team of specialists has been working since New Year’s Eve in an attempt to isolate the malware and restore affected systems. The company has yet to provide a specific timeframe for when systems may come back online. The exchange also notes that the investigation so far hasn’t revealed a potential impact on customer data. “Our investigation to date shows no indication that any personal or customer data has been compromised,” Travelex says.

The company hasn’t provided details on what type of malware it was hit with or on the compromise vector. While some suggest that ransomware might be responsible, security expert Kevin Beaumont points out in a tweet that “Travelex’s AWS platform had Windows servers with RDP enabled to internet and NLA disabled.”


DEVELOPING AN INCIDENT RESPONSE PLAN

Being fully prepared is your best defense - Australian Cyber Security Centre.

Cyber incidents can occur at any time and can take many forms. An incident may occur in critical systems at a time when key staff are unavailable, or in rarely used systems that may not have a clear immediate response, or in third-party systems that require outside involvement. An incident response plan determines how your organisation will respond to a cyber security incident. Every organisation should have an incident response plan in place and should regularly review and test it. Having a plan in place can dramatically limit damage, improve recovery time and help safeguard your business. Crucially, incident response plans must have buy-in from the business executives; they are generally the key decision makers and the ones facing the public when there is a significant incident. They may also be the legally responsible office holder. Without their involvement or support, plans can be completely disregarded the moment there is an incident.

These plans also help make cyber security front-of-mind for CEOs and business executives as they detail the known threats facing the business and the risk of compromise.

Effectively dealing with an incident

One of the most crucial elements of an effective incident response process is ensuring the right people are involved in the process as early as possible. This must be established before an incident occurs to enable a timely response, and must be recorded in a place that is easily accessible and made known to staff. This information must be regularly reviewed and updated. Having contact information for the right staff covers more than just ensuring that the right management chain is recorded. It may also include representatives from other technical teams, non-technical teams, or external parties if there are third parties involved.

Incident response plans should be accessible by all staff and kept current. There are set standards that can assist in developing a plan, such as in ISO 27035-2.


A good incident response plan should include the following:


> Analysis of the threat environment including the likelihood and severity of potential incidents. Consider industry-specific threats, the type and value of data you hold, third-party networks and the current cyber security posture of your networks.

> Identification of key assets, data and critical systems. What are you working to protect and why does it need protecting?

> Plans for each major incident type and different types of data that could be compromised. For example, the theft of personnel data would have a very different response to a ransomware attack. These plans should include timeframes and objectives.

> Key roles and responsibilities of management and staff. It's crucial all parties involved understand the reporting lines, who will be making decisions, what the decision thresholds are and what involvement there is from senior management.

> Key tools including contact lists, checklists and guides for use during the response. This should include hard-copy printouts as the incident could make your systems unusable.

> A process for alerting necessary stakeholders including the Australian Cyber Security Centre, board members, suppliers and external agencies that may be impacted.

> Public relations and media management. What advice can you give your customers/clients? Who is the media spokesperson and what can be said to the media? If businesses fail to manage this well, the reputational damage can far outweigh the actual business cost of the incident.

> Arrangements to regularly review and exercise the plan. A plan might look good on paper but it needs to be exercised regularly to ensure it is effective. Make sure there is a review schedule that considers the frequency of changes to the organisation or the threat environment. For a large organisation that has frequent structural changes or new platforms, consider reviewing every three months. For a smaller organisation, perhaps every six months.

> Post-incident review and reporting. It's important to document the incident details and response actions, collect the lessons learned and update the incident response plan to improve future responses.

Other actions worth considering

> Personal impact: many cyber security incidents have a very real impact on individuals. What support can be provided and how will you manage the human side of this incident?

> Legal exposure: many cyber security incidents result in court cases that can be very expensive. Ensure your legal team/service provider is consulted in the drafting of the incident response plan.

> Mandatory reporting requirements: if there is a breach of personal data, do you need to report this to the Office of the Australian Information Commissioner under the Notifiable Data Breaches scheme or under the General Data Protection Regulation (GDPR)?

> Business consultation: cyber security incidents are not just an issue for the technology team; they have impact across the business. Consulting on this plan will also assist internal coordination during an incident.

PREDICTIONS OF HOW ARTIFICIAL INTELLIGENCE WILL IMPROVE CYBERSECURITY IN 2020

Cybersecurity is at an inflection point entering 2020. Advances in AI and machine learning are accelerating its technological progress. Real-time data and analytics are making it possible to build stronger business cases, driving higher adoption.


The following are nine predictions:

AI and machine learning will continue to enable asset management improvements that also deliver exponential gains in IT security by providing greater endpoint resiliency in 2020.

1> AI tools will continue to improve at drawing on data sets of wildly different types, allowing the “bigger picture” to be put together from, say, static configuration data, historic local logs, global threat landscapes, and contemporaneous event streams.  

2> Threat actors will increase the use of AI to analyze defense mechanisms and simulate behavioral patterns to bypass security controls, leveraging analytics and machine learning to hack into organizations.

3> Given the severe shortage of experienced security operations resources and the sheer volume of data that most organizations are trying to work through, we are likely to see organizations seeking out AI/ML capabilities to automate their security operations processes.

4> There’s going to be a greater need for adversarial machine learning to combat supply chain corruption in 2020 - the big problem with remote coworking spaces is determining who has access to what data. As a result, AI will become more prevalent in traditional business processes and be used to identify if a supply chain has been corrupted.

5> Artificial intelligence will become more prevalent in account takeover, both the proliferation and prevention of it - AI will be key in protecting the entire customer journey, from account creation to account takeover, to a payment transaction. And AI will allow businesses to establish a relationship with their account holders that is protected by more than just a password.

6> Consumers will take greater control of their data sharing and privacy in 2020 - Companies will have to put privacy first to stay in business. Moving forward, consumers will own their data, which means they will be able to selectively share it with third parties, but most importantly, they will get their data back after sharing, unlike in years past.

7> As cybersecurity threats evolve, we’ll fight AI with AI. While an attacker only needs to find one open door in an enterprise’s security, the enterprise must race to lock all of the doors. AI conducts this at a pace and thoroughness human ability can no longer compete with, and businesses will finally take notice in 2020.

8> AI and machine learning will thwart compromised hardware finding its way into organizations’ supply chains. Rising demand for electronic components will expand the market for counterfeit components and cloned products, increasing the threat of compromised hardware finding its way into organizations’ supply chains. The vectors for hardware supply-chain attacks are expanding as market demand for more and cheaper chips and components drives a booming business for hardware counterfeiters and cloners. This expansion is likely to create greater opportunities for compromise by both nation-state and cybercriminal threat actors.

9> 63% of organizations are planning to deploy AI in 2020 to improve cybersecurity, with the most popular application being network security. Nearly one in five organizations were using AI to improve cybersecurity before 2019. In addition to network security, data security, endpoint security, and identity and access management are the highest priority use cases for improving cybersecurity with AI in enterprises today.

Cybersecurity spending has rarely been linked to increasing revenues or reducing costs, but that’s about to change in 2020. 

______________________________________________________________________________


THREAT FOCUS: Alomere Health Hospital - UNITED STATES

https://www.scmagazine.com/home/security-news/data-breach/breach-of-email-accounts-impacts-50000-patients-of-minnesota-hospital/

Exploit: Phishing attack

Alomere Health: General medical and surgical hospital

Risk to Small Business: 1.777 = Severe: Two employees fell for a phishing scam that gave hackers access to patients’ protected health information. The first breach occurred between October 31, 2019 and November 1, 2019, while a second breach took place on November 6, 2019. In response, the company is updating its email security protocols, an effort that won’t restore the stolen data nor repair the company’s already-damaged reputation. In addition, Alomere Health could face regulatory penalties because of the nature and scope of the data breach.

Individual Risk: 2.285 = Severe: The compromised employee email accounts stored patient data, including names, addresses, dates of birth, medical record numbers, health insurance information, along with sensitive diagnosis and treatment details. In addition, some patients had their Social Security numbers and driver’s license numbers exposed. Alomere Health is offering free credit and identity monitoring services to those impacted by the breach, and anyone affected should enroll in these services. In addition, they should be especially critical of online communications, as the stolen data can be deployed in phishing scams that can collect additional personal data.

Customers Impacted: 49,351

Effect On Customers: Phishing scams are the leading cause of data breaches, but they are also entirely avoidable. With the cost associated with a compromise continually escalating, training employees to identify and avoid phishing scams is a relatively low-cost initiative that can transform employees into a robust defense rather than an imminent vulnerability.

Risk Levels: 1 - 1.5 = Extreme Risk; 1.51 - 2.49 = Severe Risk; 2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Phone 07 30109711 to get started.



THREAT FOCUS:  Contra Costa Library System - UNITED STATES

https://www.govtech.com/security/Bay-Area-Library-System-Suffers-Ransomware-Attack.html

Exploit: Ransomware

Contra Costa Library System: Library network

Risk to Small Business: 2.333 = Severe: A ransomware attack disabled the entire library network, impacting all 26 branches. While buildings remain open, patrons have to bring their library cards to a location to manually check out books. The incident will bring significant recovery costs to the library network, which just updated its systems in 2018. For an organization with limited resources, this attack can reduce their ability to meet customer needs and invest in future opportunities.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: Ransomware attacks come with high recovery and opportunity costs. Especially for SMBs that operate with more limited budgets, these increasingly common attacks can dampen their financial outlook and prevent them from embracing opportunities in the future. However, ransomware always requires a foothold, and every organisation can take steps to ensure that they are not inviting these attacks to damage their business.

Risk Levels: 1 - 1.5 = Extreme Risk; 1.51 - 2.49 = Severe Risk; 2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


Avantia Cyber Security to the Rescue: It’s critical that SMEs understand the importance of cybersecurity. Our Pinpoint Cyber Audits™ are an expansion of our White Glove Support that includes a Certified 3rd Party holistic Cyber Security Audit incorporating the “Essential 8” mitigation strategies (as defined by the Australian Cyber Security Centre) to evaluate our client’s Operational, Legal, Reputational & Recovery Risks with recommendations for remedies. Click on the link https://www.avantiacybersecurity.com/cyber-security-audit for more information.



THREAT FOCUS: Wyze Home Security - UNITED STATES 

https://www.slashgear.com/report-alleges-massive-wyze-data-breach-but-many-questions-remain-26604513/

Exploit: Unprotected database

Wyze: Low-budget home security company

Risk to Small Business: 2.222 = Severe: A cybersecurity company identified an exposed database containing the personal details of millions of Wyze users. The breach, which has not been confirmed by Wyze, is an unforced error that could have serious financial and reputational implications. Smart home technology is often targeted by hackers due to its sensitive nature, and many consumers are already unwilling to work with companies that cannot protect their personal data, especially when it impacts their peace of mind and security.

Individual Risk: 2.428 = Severe: Users’ personal data, including email addresses, list of cameras, camera names, Wi-Fi SSID, API tokens, and Alexa tokens, were all publicly available from the exposed database. Those impacted by the breach should reset their account passwords, enable two-factor authentication, and closely monitor their accounts for unusual activity.

Customers Impacted: 2,400,000

Effect On Customers: Today’s consumers are beginning to make buying decisions based on a brand’s data security reputation. Especially in a sensitive sector like smart home technology, a strong cybersecurity posture is a prerequisite for long-term success. Unforced errors, such as leaving a database exposed, become especially egregious. Of course, mistakes do happen, and businesses need a response plan to contain the event and to identify the scope of the problem as quickly as possible.

Risk Levels: 1 - 1.5 = Extreme Risk; 1.51 - 2.49 = Severe Risk; 2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Avantia Cyber Security & ID Agent to the Rescue: Dark Web ID™ monitors the Dark Web to find out if your employee or customer data has been compromised. We work with our Partners and their Customers to strengthen their security suite by offering industry-leading detection. Discover more and get a free “real time” Dark Web Credentials check by phoning 07 30109711.



THREAT FOCUS: The Heritage Company - UNITED STATES

https://www.infosecurity-magazine.com/news/us-biz-closes-doors-after/


Exploit: Ransomware

The Heritage Company:  Telemarketing and fundraising firm

Risk to Small Business: 1.333 = Extreme: An October ransomware attack ultimately forced The Heritage Company to close its doors. Shortly before Christmas, the company informed the staff that their operation was no longer tenable, even noting that the CEO was paying salaries out-of-pocket in an attempt to keep business going while systems were unavailable. Unfortunately, three months after the attack, The Heritage Company was no longer financially solvent and chose to temporarily shutter its operations. The company may try to reopen if systems can be restored, but it appears likely that the institution, which existed for 60 years, was put out of business by a ransomware attack.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: This incident is an especially prescient warning for SMEs, which often have less cash on hand and rely on critical IT systems to manage their operations. As security experts noted, the company’s ultimate failure wasn’t financial solvency but an inability to adopt cybersecurity standards that could have prevented a ransomware attack from crippling their operations. Even simple steps, like implementing two-factor authentication, can keep hackers out of your IT infrastructure, which prevents a potentially-devastating data disaster before it takes place.

Risk Levels: 1 - 1.5 = Extreme Risk; 1.51 - 2.49 = Severe Risk; 2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.





THREAT FOCUS: Children’s Choice Pediatrics - UNITED STATES

https://finance.yahoo.com/news/childrens-choice-pediatrics-notifies-patients-232600915.html


Exploit: Ransomware

Children’s Choice Pediatrics: Pediatric healthcare provider

Risk to Small Business: 1.555 = Severe: A ransomware attack encrypted patient data and exposed patient records to hackers. The attack, which was discovered on October 27, 2019, encrypted the healthcare provider’s entire network. When records were restored, the provider discovered that some were irretrievably deleted. In response, Children’s Choice Pediatrics is upgrading its cybersecurity protocols to ensure that they don’t give a foothold to future ransomware attacks. However, the opportunity cost, reputational damage, and recovery expenses will continue to weigh down the practice now and for the foreseeable future.

Individual Risk: 2.285 = Severe: While hackers often encrypt company data to extract a ransom, many are turning to data theft as a means to exact additional money from a ransomware attack. In this case, some patients’ personally identifiable information may have been exposed to hackers. Those impacted by the breach should stay vigilant in monitoring their online accounts and scrutinizing digital communications as this data is often redeployed in phishing attacks that compromise additional data.

Customers Impacted: Unknown

Effect On Customers: Reactive cybersecurity measures can’t undo the damage of a data breach. With the holistic cost associated with exposure at an all-time high, companies have millions of reasons to embrace a robust defensive posture against cybercrime. Often, this means starting by securing accounts using best practices, like two-factor authentication, to keep intruders out.

Risk Levels: 1 - 1.5 = Extreme Risk; 1.51 - 2.49 = Severe Risk; 2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.





THREAT FOCUS: eHealth Insurance Marketplace - CANADA 

https://ca.news.yahoo.com/ehealth-hit-ransomware-attack-personal-175304050.html


Exploit: Ransomware

eHealth: Private, online insurance marketplace

Risk to Small Business: 2.333 = Severe: A ransomware attack on eHealth has encrypted network files containing the confidential medical data for some Saskatchewan residents. The company was quick to note that no patient data was stolen in the attack. They also acknowledged that business is grinding to a halt as employees are unable to use many of the company’s systems. However, eHealth is not negotiating with the hackers, instead choosing to restore operations on their own, a brave decision that will still come with a considerable cost.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: Companies are encouraged not to pay a ransom, but every recovery initiative still bears costly implications. Notably, ransomware attacks carry less-quantifiable reputation costs that can have consequences long after system access is restored. Simply put, when it comes to responding to ransomware, the only good option is to take steps to prevent an attack from occurring in the first place.

Risk Levels: 1 - 1.5 = Extreme Risk; 1.51 - 2.49 = Severe Risk; 2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


Avantia Cyber Security & ID Agent to the Rescue: With BullPhish ID, we can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organisation into their strongest points of protection. Find out how you can get started with us by phoning Avantia on 07 30109711.



THREAT FOCUS: Perricone MD Skincare - UNITED KINGDOM

https://www.bleepingcomputer.com/news/security/card-stealing-scripts-infect-perricones-european-skin-care-sites/


Exploit: Malware attack

Perricone MD: Skincare cosmetics brand

Risk to Small Business: 2 = Severe: The online payment platform for Perricone MD has been infected with payment skimming malware, impacting customers in the United Kingdom, Italy, and Germany. However, hackers were only able to exfiltrate data from one country. Incredibly, the malware was planted on the website more than a year ago, giving hackers plenty of time to refine their efforts to steal sensitive data. For a company that relies on online sales to fuel its bottom line, such an egregious cybersecurity event can be devastating, and Perricone MD will have to work to restore their customers’ trust.

Individual Risk: 2.285 = Severe: Perricone MD customers who made an online purchase in the past year should review their account records and financial details for unusual or suspicious activity. In addition, they should report the incident to their financial institutions to ensure that their accounts aren’t used for additional crimes. Finally, credit and identity monitoring services can continue to monitor customers’ credentials even after the immediate urgency wears off.

Customers Impacted: Unknown

Effect On Customers: Online stores are quickly surpassing brick-and-mortar stores as the preferred shopping location for many consumers. Companies that want to compete in this field have to prioritize data security at every level. Customers are demonstrating an unwillingness to spend money on websites that can’t or won’t protect their information, which makes data security initiatives a critical, bottom-line priority for every online retailer.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


Avantia Cyber Security & ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with our Partners to strengthen their security suite by offering industry-leading detection. Discover more and get a free “real time” Dark Web Credentials check by phoning 07 30109711



THREAT FOCUS: London Stock Exchange - UNITED KINGDOM

https://www.zdnet.com/article/uk-government-investigates-possible-cyberattack-link-to-london-stock-exchange-outage/


Exploit: Cyber-attack

London Stock Exchange: Stock exchange for the city of London

Risk to Small Business: 1.777 = Severe: Authorities are reexamining an August outage at the London Stock Exchange that was initially attributed to a software glitch. The disruption prevented traders from buying or selling shares for more than 90 minutes, and impacted prices on two stock indexes. The incident could have been caused by hackers trying to destabilize markets for their own gain or even set the stage for a more nefarious scheme in the future. The lengthy time to identification reflects the difficulty that many companies have when identifying and addressing cyber threats.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

Effect On Customers: Having the ability to identify and quickly respond to a data breach is a critical element of any business. Because threats lurk all around us, even the most well-defended companies can incur data loss events. When it comes to data breach recovery, time is money, and a finely tuned response plan can lessen the repercussions of a breach by allowing companies to recover more quickly.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.




POSTSCRIPT:

UK Businesses Endured an Attack Every Minute in 2019 

For companies around the world, 2019 was a terrible year for data security. This is especially true for UK businesses, which endured a deluge of cybersecurity episodes equal to an attack every minute. Individually, it’s estimated that each business experienced 576,575 attempts to compromise company data in 2019, a 152% year-over-year increase. The report, compiled by Beaming, a Hastings-based ISP, identified China as the origin for nearly ⅕ of the attacks. Hackers commonly pursued domain admin tools and IoT endpoints to gain access to company networks. In total, the report concluded that 2019 was the worst year on record for UK data breaches. Moreover, the report cautioned SMEs to take cybersecurity issues more seriously by recognizing the profound risk and implementing basic protection plans, including adopting two-factor authentication to secure web platforms.


Disclaimer*: Avantia Corporate Services Pty Ltd T/A Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cyber security information to us in real time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable; however, we give no warranty (implied or otherwise) as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

*COPYRIGHT 2019 Avantia Corporate Services - All Rights Reserved.

Call (07) 3010 9711 

info@avantiacorp.com.au

 

Avantia Corporate Services Pty Ltd,                    Level 7, 320 Adelaide Street

Brisbane, Queensland 4000

AUSTRALIA.

*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.