Ransomware and other cybersecurity threats never take a holiday. That was quite apparent over the last month when we saw a variety of new cybersecurity threats making headlines. From government agencies to small businesses, nobody is immune to the threat. In this blog post, we’ll cover some of the biggest cybersecurity stories in recent weeks to help you stay one step ahead of the evolving threat.
1. DHS Issues Cyber Alert: The Department of Homeland Security has issued an alert regarding potential cyber-attacks. The alert includes other threats to homeland security pertaining to Iran. While there is no indication or warning of an imminent threat, the DHS advises to be alert and be prepared for cyber disruptions, suspicious emails, and network delays. In addition, the DHS also recommends implementing basic cyber hygiene practices such as effecting data backups and employing multi-factor authentication (MFA). Much like with the recent Cloud Hopper attacks, MFA is a simple and effective step to protect yourself. Read more.
2. Ransomware Attacks Hit U.S. Coast Guard: The United States Coast Guard recently published an alert a Ryuk ransomware attack disabled the IT network of a Maritime Transportation Security Act (MTSA) regulated facility. According to the Coast Guard, the ransomware affected systems that monitor and control cargo transfer. The ransomware infiltrated the network through a phishing email and encrypted network files forcing the facility to shut down operations for over a day. Read more.
3. New Details Show Cloud Hopper Attack Was Much Bigger Than Originally Known: A new report indicates a recent Cloud Hopper attack was much bigger than originally thought. The June 2019 attack originally hit companies such as HPE, IBM, and Fujitsu but the impact seems to be even greater. According to a new report from the Wall Street Journal, the attack hit at least a dozen cloud providers when the attackers were able to ‘hop’ into client networks after attacking service providers and attempt to steal sensitive corporate and government information.
4. Ransomware Attack Force Layoffs at Arkansas Company: In another unrelated ransomware incident affecting a telemarketing agency, forcing the agency to fire 300 employees days before Christmas. Two months ago, a ransomware attack targeted the company’s servers and they haven’t recovered despite paying the ransom demand. The company has suspended operations as they deal with the aftermath of the attack and work to bring systems back online and recoup their losses. Read more.
5. New Ransomware Strain Targeting MSPs: A new strain of ransomware known as Zeppelin is targeting managed service providers (MSPs) and healthcare companies. Zeppelin is a Ransomware-as-a-Service (RaaS) variant similar to a previous strain known as VegaLocker. Like similar variants, Zeppelin is highly configurable and more difficult to detect. According to reports, attackers are infiltrating MSPs through Remote Desktop servers. Once the ransomware is on the system, it begins to terminate processes associated with backups and mail servers, steals data (in some cases), and encrypts data to hold for ransom. Read more.
According to Datto’s Global State of the Channel Ransomware Report, the lack of cybersecurity training is a leading cause of successful ransomware attacks, with the top delivery method being phishing emails, followed by malicious websites, and clickbait. Educating clients should be an ongoing effort for every MSP. Recommending solutions that can help them recover from downtime caused by things like ransomware becomes much easier when clients have a solid understanding of how malware works and the disastrous impact it can have on businesses.
For more statistics and best practices on the current landscape of ransomware, check out the full report today.