  • Avantia Threat Update

NEW GOOGLE VIRTUAL PRIVATE NETWORK (VPN) LAUNCHED



This Past Week:

Browsing from the Coffee Shop - Google’s new VPN; Australian Cybersecurity Centre warns about fake ASIC scams; Scientists develop a new method of GPS tracking based on the sea floor; 2021 Cyber Security trends outlook; Half of Ransomware attacks now involve Data exfiltration & extortion; Google employee information is exposed in a third-party breach; Healthcare targets get walloped again; Data breach fines pack a punch; Perils of paying Ransomware fees and Major Breaches in AUSTRALIA; INDIA; SWEDEN; ITALY; CANADA; JAPAN and UNITED STATES.


Dark Web ID’s Top Threats This Past Week:

Top Source Hits: ID Theft Forum

Top Compromise Type: Domain

Top Industry: Education & Research

Top Employee Count: 1 – 10

___________________________________________________________________


BROWSING FROM THE COFFEE SHOP? YOU MIGHT LIKE TO TRY GOOGLE’S NEW VPN SERVICE.

Keen coffee drinkers with terrible cybersecurity habits could be about to get an answer to privacy problems they didn't know they had. Targeting anyone who is inclined to connect to unsecured Wi-Fi networks in cafes and other public venues, naively entering credit-card details and other personal data, Google is now releasing a new Virtual Private Network (VPN) directly embedded in Google One services. Available only to customers subscribed to the 2TB Google One plan, the VPN will provide an extra layer of security for Android phones by encrypting online traffic on all apps and browsers. When switched on, the new feature will prevent hackers from eavesdropping on sensitive data when users are connected to public networks. Google already offers a similar feature through Google Fi, the company's mobile virtual network operator. However, the always-on VPN protection enabled by Fi is only available to Android smartphones that are subscribed to Fi services.

Unsecured hotspots are notoriously ripe with opportunities for hackers to steal any unencrypted data that transits through the network, ranging from passwords and financial information to IP addresses and visited websites. An outdated app or a weak website, or a service that has failed to protect user data entirely, can all be intercepted and even modified by malicious actors. VPNs have proliferated over the past few years to remediate the issue by creating a private, secure network from a public connection. When users connect to a VPN, their online data travels through a strongly encrypted tunnel managed by the VPN provider, which means that the information is unreadable and anonymous. Google noted that in some cases, the VPN provider can still see all the user's unencrypted traffic, such as the domain of every website visited. Reports have effectively shown that this lack of security can be problematic, with some commercial VPN services having previously leaked user traffic, whether inadvertently or not.
"Because the VPN provider occupies this privileged position, the user must be able to trust that the VPN provider has strong privacy and security guarantees," said Google in a white paper about the company's new service. "With growing demand for better privacy in a mixed landscape of solutions, we have used our expertise in privacy, cryptography, and infrastructure to build a Google-grade VPN that provides additional security and privacy to online connectivity without undue performance sacrifices."

Google's VPN will not log any online activity, assured the company in the white paper, and users' data will not be identifiable. Some minimum logging will be required from the user, but network traffic or the IP associated with the VPN will never be logged. IP addresses, bandwidth utilized or connection timestamps, for example, will all remain untracked by Google's tool. In an effort to demonstrate transparency, Google has open-sourced the code that runs on users' devices when using the VPN, and has also committed to providing public access to the authentication mechanism running on the server side in 2021. Results of a third-party audit that is currently underway can also be expected soon. The VPN will roll out in the US in the coming weeks through the Google One app, on Android only to start, and can be switched on and off in the Google One app. While the VPN won't limit users' throughput speed, allowing speeds above 300Mbps, the feature might affect battery life. Google confirmed that the extra encryption will consume between 5% and 10% more data, which will lead to some battery drain and higher data use. The search giant expects that the feature will be available to iOS, Windows and Mac in the coming months, while the service will also expand to more countries.


AUSTRALIAN CYBER SECURITY CENTRE WARNS ABOUT SCAMMERS USING ACSC CREDENTIALS TO FLEECE AUSTRALIANS.

Scammers purporting to be from ACSC are calling Australians and attempting to trick them into installing malicious software on personal devices. The Australian Cyber Security Centre warns some Australians are receiving phone calls from scammers purporting to be ACSC employees and claiming the receiving person’s computer has been compromised. These malicious callers are known as ‘remote access scammers’ and they ask individuals to download ‘TeamViewer’ or ‘AnyDesk’ onto their device to help resolve the malware issue. The scammer then attempts to persuade recipients to take actions, such as entering a URL into a browser and accessing an online banking service, which then compromises their computer and reveals banking information, enabling the scammers to transfer funds. Some recipients of these calls have reported to ACSC that the scammers may have spoofed legitimate caller ID numbers, to make their unsolicited calls appear more authentic.

NEVER provide your personal and financial details or give a stranger remote access to your device or computer – simply hang up. Australian Government agencies will never contact individuals asking for remote access to use computers or request funds to be transferred for an investigation. If you receive a suspicious phone call, we recommend you hang up and report the incident to Scamwatch and the affected government agency. To report a cybercrime or cyber security incident through ReportCyber, see www.cyber.gov.au/acsc/report.

How do I stay safe?

If you've received one of these calls but have not engaged with the scammer, you can report it to Scamwatch.

If the cybercriminal has accessed your device via TeamViewer, Zoho Assist or AnyDesk, you should report it to ReportCyber and immediately notify your bank. Your financial institution may be able to put a temporary freeze on your financial accounts.

To prevent further compromise, you should also change passwords on all your important online accounts including banking, email and social media, and turn on two-factor authentication for extra security. If you’re in doubt about a call claiming to be from a government agency or Australian business and want to verify its legitimacy, contact the organisation by sourcing their details separately from their website, NOT using the phone number or other details from the incoming call. Many organisations have dedicated scam pages on their websites alerting the public to the latest scams.

ACSC has launched an interactive quiz, to help Australians spot the warning signs of phishing (scam) messages. Make sure you share the quiz with your colleagues, family and friends, available at www.cyber.gov.au/scam-messages.

Publisher's Note: Avantia Cyber Security is a Registered Partner of the Australian Cyber Security Centre (ACSC).


GPS AND WATER DON’T MIX - SCIENTISTS FIND A NEW WAY TO NAVIGATE UNDER THE SEA.

Nearly half a century ago, the US Department of Defense started working on a project to pinpoint locations on the surface of the planet thanks to satellites. What is now known as GPS has since come a long way, permeating every aspect of our everyday lives, from helping city-dwellers find their way through unknown streets all the way to assisting the delivery of emergency services. And yet even today's most sophisticated GPS systems are still unable to map a huge chunk of the Earth: that which is located under oceans, seas, or rivers. The technology, in effect, doesn't mix well with water, which breaks down the radio waves GPS relies on to function.

MIT scientists have been looking at ways to create a new type of underwater GPS, which could be used to better understand the mysteries that lie between surface and seabed. The researchers have now unveiled a system called underwater backscatter localization (UBL) that reacts to acoustic signals to provide positioning information, even when it is stuck in oceanic depths. All of this, without even using a battery. Underwater devices already exist, for example to be fitted on whales as trackers, but they typically act as sound emitters. The acoustic signals produced are intercepted by a receiver that in turn can figure out the origin of the sound. Such devices require batteries to function, which means that they need to be replaced regularly – and when it is a migrating whale wearing the tracker, that is no simple task. On the other hand, the UBL system developed by MIT's team reflects signals, rather than emits them. The technology builds on so-called piezoelectric materials, which produce a small electrical charge in response to vibrations. This electrical charge can be used by the device to reflect the vibration back to the direction from which it came. In the researchers' system, therefore, a transmitter sends sound waves through water towards a piezoelectric sensor.
The acoustic signals, when they hit the device, trigger the material to store an electrical charge, which is then used to reflect a wave back to a receiver. Based on how long it takes for the sound wave to reflect off the sensor and return, the receiver can calculate the distance to the UBL. "In contrast to traditional underwater acoustic communication systems, which require each sensor to generate its own signals, backscatter nodes communicate by simply reflecting acoustic signals in the environment," said the researchers. "These nodes can also power up by harvesting energy from acoustic signals. Thus (...) UBL would enable us to build a long-lasting, scalable, battery-free underwater GPS."

At least, that's the theory. In practice, piezoelectric materials are no easy component to work with: for example, the time it takes for a piezoelectric sensor to wake up and reflect a sound signal is random. To solve this problem, the scientists developed a method called frequency hopping, which involves sending sound signals towards the UBL system across a range of frequencies. Because each frequency has a different wavelength, the reflected sound waves return at different phases. Using a mathematical technique called an inverse Fourier transform, the researchers can use the phase patterns and timing data to reconstruct the distance to the tracking device with greater accuracy. Frequency hopping showed some promising results in deep-sea environments, but shallow waters proved even more problematic. Because of the short distance between surface and seabed, sound signals uncontrollably bounce back and forth in lower depths, as if in an echo chamber, before they reach the receiver – potentially messing with other reflected sound waves in the process.
One solution consisted of turning down the rate at which acoustic signals were produced by the transmitter, to allow the echoes of each reflected sound wave to die down before interfering with the next one. Slower rates, however, might not be an option when it comes to tracking a moving UBL: it might be that, by the time the reflected signal reaches the receiver, the object has already moved, defeating the point of the technology entirely. While the scientists acknowledged that addressing these challenges would require further research, a proof-of-concept for the technology has already been tested in shallow waters, and MIT's team said that the UBL system achieved centimeter-level accuracy.

It is clear that the technology could find myriad applications if it were ever to reach full-scale development. It is estimated that more than 80% of the ocean floor is currently unmapped, unobserved and unexplored; having a better understanding of underwater life could significantly benefit environmental research. UBL systems could also help subsea robots work more precisely, track underwater vehicles and provide insights about the impact of climate change on the ocean. Oceans-worth of water are yet to be mapped, and piezoelectric materials might well be the solution.

Publisher's Note: With any new digital solution like this, it can’t be overstated that developers need to ‘build in’ cyber security controls to prevent penetration by criminals, given the critical purposes the system could conceivably serve once it is widely used.


BY WAY OF A ‘NOVEL’ ARTICLE, BOOZ ALLEN HAMILTON EXPLORES THE CYBER OUTLOOK FOR 2021.

The year 2020 has been unlike any we have experienced, and this is true with regard to cyber threats, too. If this year has taught us anything, it is the importance of preparing for known threats. In the span of a few weeks, our economy, education systems, and lifestyles were altered by a scenario that experts had long been warning about. Yet, as we all faced the new realities of the pandemic, the world continued to move forward with advances in technology and markets. Cyber threats are increasing in both scope and frequency. From ransomware operators refining and polishing their business models, to the rapid adoption of cloud as organizations seek to gain operational efficiencies, attack surfaces are expanding, and threat actors are evolving. In this time of both change and adjustment, the Cyber Threat Trends Outlook explores what is known about key cybersecurity issues that lie ahead. We open with a scene that is far too easy to imagine playing out in the coming year but that every business leader hopes never to experience. The scene features Dakota Alexander, the fictional CEO of a Fortune 500 company, managing the fallout after a front-page breach to her enterprise. She is joined by Arnie Weir, a powerful board member for her organization. Together they are flying to testify to a congressional committee on the recent breach. Though fictitious, this account is all too plausible given the current cyber threat landscape.

SEE FULL REPORT HERE: https://boozallen.com/content/dam/boozallen_site/ccg/pdf/publications/cyber-threat-trends-outlook-2021.pdf

Publisher's Note: Booz Allen Hamilton Inc. is an American management and information technology consulting firm, headquartered in McLean, Virginia, in Greater Washington, D.C., with 80 other offices around the globe.


ALMOST HALF OF RANSOMWARE ATTACKS NOW INVOLVE DATA EXFILTRATION & EXTORTION.

CyberWire reported that for the third quarter of 2020 nearly half of ransomware attacks now involve data exfiltration and extortion. Worse, the security firm Coveware says it's identified instances of ransomware gangs leaking data after victims paid the ransom, or returning to demand additional payment: "Coveware feels that we have reached a tipping point with the data exfiltration tactic. Despite some companies opting to pay threat actors to not release exfiltrated data, Coveware has seen a fraying of promises of the cybercriminals (if that is a thing) to delete the data. The below list includes ransomware groups who have been observed to publicly DOX victims after payment, or have demanded a second extortion payment from a company that had previously paid to have the data deleted / not leaked:

"Sodinokibi: Victims that paid were re-extorted weeks later with threats to post the same data set.

"Maze / Sekhmet / Egregor (related groups): Data posted on a leak site accidentally or willfully before the client understood there was data taken.

"Netwalker: Data posted of companies that had paid for it not to be leaked.

"Mespinoza: Data posted of companies that had paid for it not to be leaked.

"Conti: Fake files are shown as proof of deletion."

Coveware advises against paying the ransom, but concludes that victims should treat these incidents as data breaches from the start, regardless of whether or not they decide to pay:

"Unlike negotiating for a decryption key, negotiating for the suppression of stolen data has no finite end. Once a victim receives a decryption key, it can’t be taken away and does not degrade with time. With stolen data, a threat actor can return for a second payment at any point in the future. The track records are too short and evidence that defaults are selectively occurring is already collecting. Accordingly it is strongly advised that all victims of data exfiltration take the hard, but responsible steps. Those include getting the advice of competent privacy lawyers, performing an investigation into what data was taken, and performing the necessary notifications that result from that investigation and counsel. Paying a threat actor does not discharge any of the above, and given the outcomes that we have recently seen, paying a threat actor not to leak stolen data provides almost no benefit to the victim. There may be other reasons to consider, such as brand damage or longer term liability, and all considerations should be made before a strategy is set."

Emsisoft's Fabian Wosar agrees with this view, telling KrebsOnSecurity, "Technically speaking, whether they delete the data or not doesn’t matter from a legal point of view. The data was lost at the point when it was exfiltrated."

_____________________________________________________________________________


THREAT FOCUS: Steelcase Furniture - UNITED STATES

https://www.fox17online.com/news/steelcase-experiences-cyberattack


Exploit: Ransomware

Steelcase: Furniture Manufacturer

Risk to Business: 2.311 = Severe - Furniture manufacturing giant Steelcase was hit with a nasty ransomware attack that forced a brief shutdown of all systems. The company was able to quickly contain the suspected Ryuk ransomware incident and says that no data was stolen. Recovery operations were fast and everything is back online.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: These days, ransomware attacks aren’t just a threat to data – they’re being used to shut down production lines, impact infrastructure, and cause havoc.

Guide to Our Risk Scores

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.


Avantia Cyber Security & ID Agent to the Rescue: Ransomware is generally the poisoned fruit of a phishing email. Protect your business from ransomware with BullPhish ID, phishing resistance training that’s both effective and cost-effective. Call Avantia on 07 30109711 to learn more.

THREAT FOCUS: Wisconsin Republican Party - UNITED STATES

https://apnews.com/article/wisconsin-republican-party-hackers-stole-641a8174e51077703888e2fa89070e12


Exploit: Phishing

Wisconsin Republican Party: Political Organization

Risk to Business: 1.337 = Extreme - The Wisconsin Republican Party had a suspected phishing incident that couldn’t have come at a worse time. An estimated $2.3 million was stolen by cybercriminals from the party’s reelection fund after at least one staffer interacted with a phishing email, impacting operations just as the races were coming down to the wire. The FBI and local officials are investigating the incident.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Phishing is about more than just credential compromise. Today’s most dangerous attack is used to do everything from steal money to deploy malware.


Avantia Cyber Security & ID Agent to the Rescue: BullPhish ID has simple remote management tools and preloaded plug-and-play phishing simulation kits that make conducting phishing resistance training a snap anytime, anywhere. For More info call Avantia on 07 30109711 today.

THREAT FOCUS: Ledger Cryptocurrency - UNITED STATES

https://cryptobriefing.com/bitcoin-wallet-provider-ledger-compromised-again-malicious-phishing-attack/


Exploit: Unsecured Database

Ledger: Cryptocurrency Storage Platform

Risk to Business: 1.667 = Severe - Once again, Ledger is in hot water for a cyberattack. This time, Ledger users received a phishing email that directed them to log in at a new address, allowing cybercriminals to steal both the victim’s login credentials and cryptocurrency. This is the company’s second incident this year, and information from that July 2020 incident is suspected to have played a part in this attack.

Customers Impacted: Unknown

Individual Risk: No personal or consumer information was reported as impacted in this incident.

How it Could Affect Your Business: Cyberattacks can have cascading consequences, with information stolen in cyberattacks coming back to haunt businesses months or years later. Data like login credentials can live on in Dark Web data dumps to haunt you later.


Avantia Cyber Security & ID Agent to the Rescue: Dark Web ID helps keep credentials safe with 24/7/365 human and machine monitoring using real-time data analysis to find compromised credentials and alert you fast. For More Information, please call Avantia on 07 30109711.

THREAT FOCUS: Fragomen, Del Rey, Bernsen & Loewy Legal - UNITED STATES

https://techcrunch.com/2020/10/26/fragomen-data-breach-google-employees/


Exploit: Unauthorized Database Access

Fragomen, Del Rey, Bernsen & Loewy: Law Firm

Risk to Business: 2.801 = Moderate - Data theft at a top law firm that provides employment verification screening services for companies like Google exposed a small amount of sensitive data. An unauthorized intrusion into a database exposed the employment verification information for some current and past Google employees.

Individual Risk: 2.992 = Moderate - The firm has not disclosed exactly what data was stolen, although an employment verification or I-9 file can contain very sensitive information. The firm has also not indicated how many employees were affected, although they’ve stated that it is a “limited number”.

Customers Impacted: Unknown

How it Could Affect Your Business: When you’re storing sensitive data, that information needs extra protection in order to really serve your clients.


Avantia Cyber Security & ID Agent to the Rescue: Secure identity and access management with Passly helps prevent intrusions by requiring multifactor authentication to let anyone access information. Please call Avantia on 07 30109711 for more info.

THREAT FOCUS: Nitro Software Inc. - UNITED STATES

https://securityaffairs.co/wordpress/110025/data-breach/nitro-pdf-data-breach.html


Exploit: Unauthorized Database Access

Nitro Software Inc.: Software Developer

Risk to Business: 2.071 = Severe - A massive data breach at Nitro, home of Nitro PDF, may have an impact on some major players. Nitro serves clients including Google, Apple, Microsoft, Chase, and Citibank. The software maker announced that an unauthorized third party gained limited access to a company database. The stolen information has already made its debut on the Dark Web, including about 1TB of documents.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: A data breach at a third-party service provider for your business is just as dangerous as a data breach at your company and smart companies take precautions against supply chain risk.


Avantia Cyber Security & ID Agent to the Rescue: Stolen data damages businesses by giving cybercriminals huge troves of passwords to mine. Keep your company’s credentials secure with Dark Web ID’s Channel-leading credential monitoring. Call Avantia Corp on 07 3010-9711.

THREAT FOCUS: Gaming Partners International - UNITED STATES

https://www.forbes.com/sites/leemathews/2020/10/31/ransomware-gang-claims-international-casino-equipment–supplier-as-latest-victim/?sh=7529ed2c68b2


Exploit: Ransomware

Gaming Partners International: Casino Equipment Provider

Risk to Business: 2.211 = Severe - REvil ransomware caused havoc at one of the world’s leading casino suppliers, shutting down systems for several days. The hackers also extracted more than 500 gigabytes of data during the breach. Among the files were casino contracts, banking information and technical documents. The company was quickly able to restore operations.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Every time your employees interact with a phishing email, your business is at risk for ransomware. Security awareness training prevents up to 70% of cybersecurity incidents.


Avantia Cyber Security & ID Agent to the Rescue: Phishing resistance training is one of the most important ways that businesses can protect their systems and data, as long as it’s refreshed at least every 4 months. You’ll never run short of fresh, updated training material with BullPhish ID. Phone Avantia on +61 7 30109711 for more info.



THREAT FOCUS: Stelco Manufacturing - CANADA

https://www.itworldcanada.com/article/canadian-steelmaker-stelco-hit-by-cyberattack/437503


Exploit: Hacking

Stelco: Steel Manufacturer

Risk to Business: 2.332 = Severe - Major Canadian steel manufacturer Stelco experienced a nasty ransomware attack that brought its operations to a halt. All manufacturing and business operations were briefly shut down, but the company was quickly able to restore its systems.

Individual Risk: No personal data has been reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: A robust cybersecurity defensive strategy adds extra protections that prevent hackers from slipping through the cracks to devastate your business.


Avantia Cyber Security & ID Agent to the Rescue: ID Agent’s digital risk protection platform provides multiple cost-effective solutions that add strong protection against cybercrime. Call Avantia on +61 7 30109711 for a demo

THREAT FOCUS: Gunnebo Consulting - SWEDEN

https://portswigger.net/daily-swig/data-breach-at-swedish-security-company-leaks-38-000-sensitive-documents


Exploit: Unauthorized Database Access

Gunnebo: Security Consulting

Risk to Business: 2.227 = Severe - Security system design consulting firm Gunnebo has had its own security incident, as cybercriminals were able to gain access to some of its stored data. Bad actors were able to pilfer the security system plans and blueprints for many important buildings including bank vaults and government buildings.

Individual Risk: No individual information has been reported as compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Protect your essential blueprints, formulas, and plans as carefully as you would protect financial data because industrial espionage is a hot category on the Dark Web.

Avantia Cyber Security & ID Agent to the Rescue: Passly adds extra protections between cybercriminals and your data with single sign-on launchpads for each employee, allowing security to quickly cut off access if an account is compromised. Learn more by phoning Avantia on +61 7 30109711

THREAT FOCUS: The Enel Group - ITALY

https://securityaffairs.co/wordpress/110067/malware/enel-group-netwalker-ransomware.html


Exploit: Ransomware

The Enel Group: Energy Manufacture & Distribution

Risk to Business: 1.909 = Severe - Multinational energy conglomerate Enel was the latest victim of Netwalker ransomware, as cybercriminals demand a $14 million ransom. The ransomware gang claims to have several terabytes of data. The company was also hit with Snake ransomware in July. Investigation and recovery are ongoing.

Individual Risk: No personal or financial data is reported as stolen or compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks on infrastructure targets have been escalating, including energy, logistics, and industrial transportation companies. While cybercriminals are still out for data, they’re also looking to disrupt essential services.


Avantia Cyber Security & ID Agent to the Rescue: BullPhish ID enables you to transform your employees from your largest attack surface to your largest defensive asset with training delivered in bite-sized pieces that’s accessible for tech and non-tech employees alike. Call Avantia on +61 7 30109711 for more information.


THREAT FOCUS: Mithaas Sweets - INDIA

https://ciso.economictimes.indiatimes.com/news/after-haldirams-now-mithaas-hit-by-ransomware/78883999


Exploit: Hacking

Mithaas Sweets: Snack Manufacturer

Risk to Business: 1.806 = Severe - On the heels of a cyberattack at another popular Indian snack company, Mithaas Sweets has been hit by a ransomware attack. The company reported that its file storage and many systems had been encrypted, seriously impacting business. Investigation and recovery are ongoing.

Individual Impact: No personal data was exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Ensnaring critical systems and data.


Avantia Cyber Security & ID Agent to the Rescue: Our digital risk protection platform offers businesses multiple tools for securing their systems and data, even from unexpected dangers. For more info please call Avantia on +61 7 30109711 today.

THREAT FOCUS: Nuclear Regulatory Authority - JAPAN

https://securityaffairs.co/wordpress/110284/hacking/nuclear-regulation-authority-cyber-attack.html


Exploit: Unauthorized Systems Access

Nuclear Regulatory Authority: Government Agency

Risk to Business: 2.771 = Moderate - In a small but troubling incident at NRA, an unauthorized intruder gained access to the email system and the agency was forced to shut it down. The incursion affected both internal and external communications, snarling applications for hearings and impacting other business. Communications are limited to phone calls and in-person meetings. No data was stolen and access to any operations or research systems is through a separate, more secure system.

Individual Risk: No individual information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Adding extra protections for sensitive systems and data is a smart move, especially when those systems and data can impact public welfare.



Avantia Cyber Security & ID Agent to the Rescue: Secure your most sensitive data with the award-winning secure identity and access management tools that you get when you choose Passly. For more info about Passly please call Avantia on +61 7 30109711.


THREAT FOCUS: Isentia Media - AUSTRALIA

https://www.theguardian.com/technology/2020/oct/27/cyberattack-strikes-media-monitoring-company-used-by-australian-government


Exploit: Ransomware

Isentia: Media Monitoring Firm

Risk to Business: 1.775 = Severe - Analytics and media monitoring firm Isentia, the company that provides media services for much of the Australian government, has been hit by a cyberattack, likely ransomware. Customers lost access to the company’s service portal that connects them with media reporting on them, issues of interest to them, and journalists. The incident is under investigation, with no clear diagnosis of what if any data was stolen. Isentia holds sensitive information for powerful public figures as part of its media services operations.

Individual Risk: Isentia has not released information about potentially stolen personal information or customer data exposure.

Customers Impacted: Unknown

How it Could Affect Your Business: Stolen personal data including exposed credentials is readily available in Dark Web markets and data dumps, opening victims of data theft up to future cybercrime.


Avantia Cyber Security & ID Agent to the Rescue: Dark Web ID is the perfect choice to ensure that your company’s credentials haven’t been exposed in a dark corner of the Dark Web. Get a FREE Demo to see if your Critical Credentials are listed on the Dark Web for sale by Calling Avantia on +61 7 30109711 now.

______________________________________________________________________________


POSTSCRIPT:


Growing Breach Fines Create Growing Alarm

In an increasingly connected electronic world, customers have an expectation that companies will take appropriate action to secure any sensitive data that they provide when purchasing goods and services. However, as we grow more dependent on electronic transactions in every facet of life, cybercriminals have become very good at worming their way into company systems to steal that data. That expectation of data privacy has led to a raft of legislation securing data privacy rights for consumers and punishing companies that fail to maintain adequate security, especially when handling medical information. Many of those statutes involve fines – and regulators haven’t been shy about imposing big fines on companies that fail to comply. Failure to secure customer information is growing extremely costly. Even powerful companies are feeling the sting of regulatory ire as record-breaking fines have been levied against them for data breaches. Recently, several international giants have been hit with news-making fines after major cyberattacks that exposed customer data including:

Aetna settled multiple HIPAA violations dating back to 2017 for $1 million

British Airways was fined an eye-popping £20 million

Marriott International was also fined in excess of £20 million

Texas Department of Health and Human Services was fined more than $1.6 million

Of course, Google leads the pack with a mind-boggling €50 million fine

As your clients assess their compliance needs in 2021, especially as new regulations are added in California and Japan, this is a great time to talk to them about why secure identity and access management with Passly and security awareness and phishing resistance training with BullPhish ID are data compliance superstars.

In many industries, multifactor authentication isn’t just smart cybersecurity, it’s a must-have that provides protection against compromised credentials and ransomware. With Passly, your clients not only get dynamic multifactor authentication with several options for token delivery, they also get secure shared password vaults that allow for extra safety precautions for essential server and system credentials and offer extra protection against cybercrime.

The biggest cybersecurity risk that your customers are facing today is phishing. Ransomware, spear phishing, business email compromise, and other pitfalls are all variants of phishing. So boosting phishing resistance with BullPhish ID is a key security enhancement that boosts a company’s overall security awareness. But only if companies engage in regular training – studies show that security awareness and phishing resistance training is extremely effective as long as it’s refreshed about every 4 months.


Ransomware Recovery is Long and Expensive. Should You Just Pay the Ransom to Make it Easier?

Ransomware has been the story of the year in cybersecurity, as attacks have boomed by more than 40% since March 2020. This slippery, dangerous foe is a nightmare that can wreak havoc on your business and cost a fortune in restoration and recovery on top of the lost business and general damage.

No one wants to deal with ransomware, but since you’re already looking at an expensive proposition, can you save yourself the money, time, and headaches of undertaking a ransomware incident response by paying the ransom and getting the encryption key to unlock your systems and data – and will you get in legal trouble for doing it?

The answer is complicated. While paying the ransom may not be expressly prohibited by law, legal officials are not fans of the practice. The US Treasury issued new guidance this month urging people not to pay hackers, and noting that businesses could face civil penalties if they pay ransoms to hacker groups affiliated with sanctioned nation-states, a particular concern for the healthcare sector.

The better approach to protecting your business from phishing danger including ransomware is increased security awareness and phishing resistance training. Ransomware is most likely to arrive at your doorstep as the cargo of a phishing email, as well as other dangerous cyberattacks like business email compromise, spear phishing, and whaling.

Regular phishing resistance training and testing with a solution like BullPhish ID is extremely effective – security awareness training including phishing resistance can reduce your cybersecurity incident rate by up to 70%. No matter how you slice it, increased security awareness training is the best way to ensure that your employees are ready for the threats they face ahead to keep ransomware from taking your profits hostage.

__________________________________________________________________________________


AVANTIA CYBER SECURITY - PARTNER FOCUS

TrustGraph®: Uses Advanced, Patented AI Technology. TrustGraph® analyzes over 50 different attributes of your employees’ communications, including the devices they use, who they message most, what time of day they communicate, and so on. The powerful AI uses this data to create profiles of trusted relationships. TrustGraph® then compares incoming communications to these profiles to detect and prevent sophisticated phishing, spear phishing, and business email compromise attacks to minimise inadvertent mistakes that could cost you your business.

FOR MORE INFORMATION ON GRAPHUS AI DEFENSE GRADE CYBER SECURITY, PLEASE CONTACT AVANTIA CYBER SECURITY

ON +61 7 30109711 / info@avantiacorp.com.au

_________________________________________________________________________________


DISCLAIMER*

Avantia Corporate Services Pty Ltd T/A Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, other members of the 5 Eyes Alliance, the Australian Cyber Security Centers, and sources in 56 countries worldwide who provide cyber breach and cyber security information briefings. Given their international focus and experience in the cyberspace arena we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.


*COPYRIGHT 2020* Avantia Corporate Services - All Rights Reserved.














