Threat Alerts

Data Breach, Cyber Alert Monday 08-05-2019

Data Breach, Cyber Alert Monday: Last week, credentials from the Dark Web compromise a company’s network, healthcare records are held for ransom…

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…


New Haven Public Schools:
Public school district serving students in New Haven, Connecticut

Exploit: Ransomware

Risk to Small Business: 2.333 Severe: A network vulnerability allowed hackers to install ransomware on the district’s servers, prohibiting access to many of their critical digital assets. Fortunately, New Haven Public Schools maintained comprehensive backups, allowing them to restore functionality without paying the ransom. Many attacks in this realm are self-initiated, with an employee accidentally clicking into a phishing email that installs malware into a system. However, in this case, the district insists that technical vulnerabilities were the culprit.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: A holistic ransomware response plan is a mission-critical component of any organization. This plan, which must include everything from attaining the right insurance policy to determining a philosophical position on paying ransom demands, can mitigate the consequences of an attack. In this case, New Haven Public Schools had the backups in place to avoid paying a ransom and to quickly restore operations. Of course, securing IT infrastructure is a complicated process, and partnering with third-party experts can help spot vulnerabilities before the lead to a data breach.

 


iNSYNQ: Cloud hosting platform providing virtual desktops for enterprise clients

Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: A ransomware attack on July 16th crippled the cloud hosting platform’s services. The attack had cascading consequences, impacting both iNSYNQ and companies that use its products. In response, iNSYNQ was forced to take down their entire network, which instigated a lengthy recovery process that encouraged significant criticism on social media. Therefore, iNSYNQ’s ransomware battle is playing out on two fronts. Their IT team is struggling to restore its comprehensive digital infrastructure even as the company is navigating a PR disaster that could have grave financial implications down the road.

Individual Risk:  2.428 = Severe:  While no personal information was compromised in the event, the unique nature of iNSYNQ’s product offering means that many users may have lost access to their data without a clear path to restoration. The company is encouraging all users to back up their data for thirty days to hedge against the threat of data loss from this ransomware attack.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks have become so prominent that they can feel like an inevitability, and companies should treat them as such. Losing access to company data is devastating, but when client services are implicated, the consequences are magnified. As a result, supportive services like identity or credit monitoring can offer customers the peace-of-mind necessary to begin restoring the company’s badly damaged reputation.

 


Park DuValle Health Center: Non-profit medical center serving patients in Louisville, KY

Exploit: Ransomware

Risk to Small Business:  1.777 = Severe: After successfully restoring their network following a ransomware attack in April, Park DuValle Health Center was attacked again in June, ultimately choosing to pay $70,000 to restore access to their network. The most recent ransomware attack encrypted medical records, contact information, insurance information, and all other patient-related data for past and present patients. The healthcare provider has been without this information since June 7th, and they’ve been unable to schedule new patients during that time. Consequently, the clinic is relying on patients’ memories about treatment and medications, a troubling reality for any healthcare provider.

Individual Risk:  No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: A ransomware attack is a costly ordeal with broad consequences that extend beyond the immediate expense of restoring system access. In this case, Park DuValle’s entire business was crippled, making the $70,000 ransom payment the least of their financial worries. It’s a reminder that having the tools necessary to respond to a ransomware attack is part of the cost of doing business in today’s digital environment.

 


Cancer Treatment Centers of America:  National, for-profit network of cancer care, research, and outpatient care centers

Exploit: Phishing Attack

Risk to Small Business:1.888 = Severe: On June 6th, the Cancer Treatment Centers of America detected unauthorized email account access at its Philadelphia-based medical center. The account was compromised when an employee fell for a phishing scam in early May, meaning that intruders had access to patient data for more than a month before it was detected. As a result, the company will face enhanced regulatory scrutiny even as they grapple with the technological and public relations implications associated with a data breach.

Individual Risk: 2.142 = Severe: A single phishing scam compromised the personally identifiable information for thousands of patients. This includes their names, addresses, phone numbers, dates of birth, medical record numbers, and other patient-related information. Those impacted by the breach should monitor their accounts for unauthorized access, and they should consider identity or credit monitoring services to help ensure the long-term integrity of their data.

Customers Impacted: 3,904

How it Could Affect Your Business: Personally identifiable information can quickly make its way to the Dark Web, and every organization needs a plan for protecting that information in the event of a data breach. At the same time, providing supportive services, like credit or identity monitoring, is a good first step toward repairing the damage and restoring customer confidence in your organization.

 


In Other News:

Ransomware Gets a New Lease on Life…

Ransomware attacks have made a precipitous return to public life, making them one of the most potent threats in today’s digital landscape. 

Once targeting individual computer systems, ransomware fell out of favor with cybercriminals as it failed to net significant returns. That changed when cybercriminals began targeting local governments and small and medium-sized businesses where they can earn thousands of dollars from the relatively inexpensive attack method.

Many attribute this shift in approach to the WannaCry ransomware virus, which captured national headlines and set a new direction for future cybercriminals.

As municipalities and organizations grapple with the best response plan, it’s clear that bad actors will continue to wreak havoc with new iterations of ransomware. A strong defense is the most affordable and advantageous approach to these attacks and getting expert eyes (like ours!) on your cybersecurity landscape can ensure that your vulnerabilities are accounted for.

 


A Note From Kobargo..

The Increasing Cost of a Data Breach… 

As the headlines continually demonstrate, data breaches are quickly becoming a prominent problem for organizations of any size and operating in any sector. The bad news, according to IBM’s annual report on the cost of data breaches, is that they are also becoming more expensive.

In 2019, companies can expect to spend $3.92 million on a data breach, a 12% increase in just five years.

With today’s regulatory landscape trending toward consumers, companies can expect these numbers to continue increasing as governments intend to exact financial penalties from organizations that can’t protect their customers data.

Consequently, highly-regulated industries like healthcare and financial services saw the most significant price escalations.

The report is especially troubling for SMBs. IBM concluded that companies with less than 500 employees will still incur losses in excess of $2 million if a data breach occurs, and they can expect these costs to continue to for several years after a breach.

The high cost of a data breach makes cybersecurity partnerships a relatively inexpensive way to protect your organization from the catastrophic consequences that accompany a breach.

 

Check Out Our Latest Video On “Password Protection” Available Now! 


Contact Kobargo Technology Partners to schedule a free consultation today!

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Read more
Data Breach, Cyber Alert Monday 07-29-2019

DATA BREACH, CYBER ALERT MONDAY:

LAST WEEK, HACKERS SEND A MESSAGE TO GOVERNMENT AGENCIES, EMPLOYEE ERRORS COMPROMISE THOUSANDS OF PEOPLE’S DATA…

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…


Northwood, Inc:
 Provider of medical equipment, prosthetics, and supplies

Exploit: Unauthorized email account access

Risk to Small Business: 1.555 Severe: On May 6th, hackers gained access to an employee’s email account that contained patients’ personally identifiable information. A forensics investigation determined that hackers accessed company data for three days, and it’s unclear why Northwood waited more than two months to notify the public. In response, all employee passwords were reset, and Northwood encouraged employees to be vigilant about identifying suspicious emails. In addition, the company is upgrading its email security to try and prevent suspicious emails from reaching employees’ inboxes.

Individual Risk: 2= Severe: The hacked email account contained sensitive client data and personally identifiable information. This includes names, dates of birth, dates of service, provider names, medical record numbers, patient identification numbers, and other health-related information. In addition, some clients had their Social Security numbers, driver’s license numbers, and health insurance information exposed. Northwood cannot confirm if this information was viewed or accessed by hackers, so those impacted by the breach need to be especially vigilant about monitoring their accounts for suspicious activity. Moreover, they should acquire identity and credit monitoring services to ensure the long-term integrity of their data.

Customers Impacted: Unknown

How it Could Affect Your Business: In today’s interconnected digital environment, small mistakes can have catastrophic consequences. In this case, a single email gave bad actors expansive access to people’s sensitive data. While Northwood is taking all the right steps to recover from the breach, companies that truly prioritize data security will take these actions before a breach occurs, which will not only help protect critical information, but it will save companies the incredible expense and reputational cost associated with a data breach.


Syracuse City School DistrictPublic school district based in Syracuse, New York

Exploit: Ransomware

Risk to Small Business: 2 = Severe: Ransomware brought services to a stop at the Syracuse City School District. The attack prevented the district from accessing their systems, and the malware spread to the city’s library system, which is now similarly hamstrung. While the district used backups to restore some services, including payroll, human relations, and student management, many of its online infrastructure remains inaccessible. What’s more, the district is embroiled in a debate about the best approach to recover their network as their insurance provider encourages them to pay the ransom and law enforcement agencies suggest that they refrain from making a payment. Regardless of the eventual approach, the district expects to incur six-figure losses from the incident.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: The incident at Syracuse City School District illuminates a fierce debate about the most advantageous response to a ransomware attack. Many see paying the ransom as the fastest and most affordable way to recover crucial IT infrastructure. However, responding to ransom demands can incentivize bad behavior, making it more likely that these attacks will continue to wreak havoc on organizations and municipalities around the world. Therefore, it’s important to remember that the best response plan is based around a robust defense that includes identifying network vulnerabilities before an attack occurs.


Adirondack Health: Full-service healthcare provider serving patients in the Adirondack region of New York

Exploit: Unauthorized email account access

Risk to Small Business: 1.555= Severe: In March 2019, a remote hacker gained access to an employee’s email account that contained copious amounts of personal data. Although only one email contained patients’ personally identifiable information, it included an attachment for a “gap-in-care” analysis spreadsheet that provided hackers with access to a deluge of patient data. HIPAA guidelines mandate that companies report a data breach within 60 days, so it’s unclear why the company waited longer to notify the agency. In addition to the PR disaster that always accompanies a data breach, Adirondack Health could face fines and penalties because of their slow response time.

Individual Risk:  2.142= Severe: A significant amount of personal information was compromised in this breach, including names, treatment data, health insurance information, and dates of birth. Because this information is frequently sold on the Dark Web, those impacted by the breach should carefully monitor their accounts for suspicious activity. Moreover, identity and credit monitoring services can help ensure that credentials remain secure.

Customers Impacted: 25,000

How it Could Affect Your Business: Small mistakes can have catastrophic consequences for personal data. In this case, brief access to a single email account provided hackers with just one document that compromised data integrity for thousands of people. While companies should take every measure possible to protect their data before a breach, understanding what happens to people’s information after it’s compromised is an important step in the recovery process.


WMNF 88.5 FM:  Tampa-based community radio station

Exploit: Ransomware

Risk to Small Business: 1.777 = Severe: A ransomware attack on WMNF 88.5 FM forced the station to stop its live broadcasts, leaving listeners with pre-recorded shows instead. The attack also impacted their AudioVault system that includes much of the station’s programming, including advertising material that constitutes a significant share of their revenue. In addition, ransomware restricted access to office files and forms. However, rather than paying the ransom, the station reported the incident to authorities and brought in a cybersecurity contractor to restore their files. Of course, these services alongside the opportunity cost incurred when the station’s material wasn’t accessible will still be an expensive solution for the local radio station.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Even without paying a ransom demand, recovering from a ransomware attack is extremely expensive. Therefore, every organization needs to take every precaution possible to prevent these attacks in the first place. This certainly includes analyzing IT infrastructure for vulnerabilities, but it should also mean attaining the services necessary to know if your employee’s credentials are for sale on the Dark Web where they can be used to facilitate a ransomware attack.


Wise Health System: Medical provider serving patients in Decatur, Texas

Exploit:  Phishing attack

Risk to Small Business: 2 = Severe:  On March 14th, several employees fell for a phishing scam and entered their usernames and passwords on a false form. Hackers used this information to access an employee kiosk where they attempted to divert payroll deposits. IT administrators don’t believe that the hackers pursued patient data, but this information was included in the compromised accounts. Now, Wise Help System is responsible for providing a year of identity theft protection services to thousands of victims while also facing increased regulatory scrutiny because of their failure to report the incident within 60 days.

Individual Risk: 2.482 = Severe: In addition to the employee account details compromised in the breach, patient data was available to hackers. This includes patients’ medical record numbers, diagnosis, treatment information, and insurance data. Therefore, patients should monitor their accounts for unusual activity while also taking advantage of the identity theft monitoring services offered by Wise Health System.

Customers Impacted: 35,899

How it Could Affect Your Business: Phishing attacks are entirely preventable because they rely on employee ignorance and indifference to perpetuate data theft. However, with the right training, employees can be trained to spot phishing scams, effectively rendering them useless. It’s a cost-effective way to mitigate a serious risk to any company’s data security initiatives.


The Town of Collierville: Town in Shelby County, Tennessee

Exploit: Ransomware

Risk to Small Business: 1.777 = Severe: In an extensive attack that cut-off computer access for more than 550 government employees, attackers infected the Town of Collierville’s computer network with Ryuk ransomware. The malware made some computer systems unusable and encrypted other files, restricting the government’s access to the information. Consequently, government employees are unable to complete many tasks, including permit requests, public record requisitions, and business services. Fortunately, the town’s emergency services were not impacted by the attack. The city is enacting its response plan, but they have a long road to fully restoring operations.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks are a top cybersecurity threat for local governments, making a holistic response plan a must-have element to any government’s IT strategy. Fortunately, the Town of Collierville prepared for this scenario, which allowed them to avoid paying the ransom. Regardless, full recovery is still an arduous process, which means that any measures that can help prevent a ransomware attack should be a top priority for local governments looking to avoid being the next victim of a ransomware attack.


In Other News:

Australian Consumers Demand Data Security…

According to a recent survey of Australian consumers, confidence in a company’s data security impacts their spending with that platform. The survey, which comprised of 2,000 consumers, found that 74% of Australians are less inclined to spend money with companies that cannot or will not secure their customers’ personal information. With increasing instances of financial fraud and data theft, who could blame them?

Local mayors are tired of paying the price for these attacks, and they codified this sentiment in a nonbinding, unanimous resolution at this year’s meeting of the U.S. Conference of Mayors where they vowed not to pay any more ransom demands.

To date, 34% of Australians experienced data loss from a company’s security breach or hack, and those numbers increase for younger generations that are more likely to participate in today’s expansive digital ecosystem.

Unfortunately, the retail sector and small businesses polled as the least trusted vendors, meaning that companies hoping to win customers need to make data security an integral part of their business strategy. Increasing the impetus to get this right from day one, 43% of consumers indicated that they would never return to a brand that compromised their data security.

Therefore, it’s clear that the need to identify vulnerabilities and to account for data security is more than just an altruistic endeavor. It’s mission critical for flourishing businesses in today’s increasingly digital economy. Don’t let this issue go overlooked.

With companies like Kobargo equipped to fortify your cybersecurity defenses, now is the perfect time to prepare your company for today’s evolving threat landscape.


A Note From Kobargo..800,000 Computers Still Vulnerable to “BlueKeep”… 

Despite the well-publicized threat that the BlueKeep vulnerability poses to individuals and enterprises, more than 800,000 systems are still not protected from the threat.

BlueKeep is a backdoor that allows hackers to access networks where they can directly deliver malware. The flaw can cause significant damage, and neutralizing the threat is surprising easy. A simple software update, which Microsoft issued in May, nullifies the vulnerability, but according to data compiled by a New Internet scan, less than 20% of eligible systems were updated in the past month.

With cyber threats coming from all directions, fixing security

vulnerabilities through software updates is an easy way to prevent obvious threats from wreaking havoc on your company’s IT infrastructure. Partnering with security specialists can help organizations identify vulnerabilities, fortifying their defenses before a data breach occurs.


CHECK OUT OUR LATEST VIDEO O“PASSWORD PROTECTION” AVAILABLE NOW! 


Contact Kobargo Technology Partners to schedule a free consultation today!

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Read more
Data Breach, Cyber Alert Monday 07-29-2019

Data Breach, Cyber Alert Monday: Last week, hackers send a message to government agencies, employee errors compromise thousands of people’s data…

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…


Northwood, Inc:
Provider of medical equipment, prosthetics, and supplies

Exploit: Unauthorized email account access

Risk to Small Business: 1.555 Severe: On May 6th, hackers gained access to an employee’s email account that contained patients’ personally identifiable information. A forensics investigation determined that hackers accessed company data for three days, and it’s unclear why Northwood waited more than two months to notify the public. In response, all employee passwords were reset, and Northwood encouraged employees to be vigilant about identifying suspicious emails. In addition, the company is upgrading its email security to try and prevent suspicious emails from reaching employees’ inboxes.

Individual Risk: 2= Severe: The hacked email account contained sensitive client data and personally identifiable information. This includes names, dates of birth, dates of service, provider names, medical record numbers, patient identification numbers, and other health-related information. In addition, some clients had their Social Security numbers, driver’s license numbers, and health insurance information exposed. Northwood cannot confirm if this information was viewed or accessed by hackers, so those impacted by the breach need to be especially vigilant about monitoring their accounts for suspicious activity. Moreover, they should acquire identity and credit monitoring services to ensure the long-term integrity of their data.

Customers Impacted: Unknown

How it Could Affect Your Business: In today’s interconnected digital environment, small mistakes can have catastrophic consequences. In this case, a single email gave bad actors expansive access to people’s sensitive data. While Northwood is taking all the right steps to recover from the breach, companies that truly prioritize data security will take these actions before a breach occurs, which will not only help protect critical information, but it will save companies the incredible expense and reputational cost associated with a data breach.

 


Syracuse City School District: Public school district based in Syracuse, New York

Exploit: Ransomware

Risk to Small Business: 2 = Severe: Ransomware brought services to a stop at the Syracuse City School District. The attack prevented the district from accessing their systems, and the malware spread to the city’s library system, which is now similarly hamstrung. While the district used backups to restore some services, including payroll, human relations, and student management, many of its online infrastructure remains inaccessible. What’s more, the district is embroiled in a debate about the best approach to recover their network as their insurance provider encourages them to pay the ransom and law enforcement agencies suggest that they refrain from making a payment. Regardless of the eventual approach, the district expects to incur six-figure losses from the incident.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: The incident at Syracuse City School District illuminates a fierce debate about the most advantageous response to a ransomware attack. Many see paying the ransom as the fastest and most affordable way to recover crucial IT infrastructure. However, responding to ransom demands can incentivize bad behavior, making it more likely that these attacks will continue to wreak havoc on organizations and municipalities around the world. Therefore, it’s important to remember that the best response plan is based around a robust defense that includes identifying network vulnerabilities before an attack occurs.

 


Adirondack Health: Full-service healthcare provider serving patients in the Adirondack region of New York

Exploit: Unauthorized email account access

Risk to Small Business:  1.555= Severe: In March 2019, a remote hacker gained access to an employee’s email account that contained copious amounts of personal data. Although only one email contained patients’ personally identifiable information, it included an attachment for a “gap-in-care” analysis spreadsheet that provided hackers with access to a deluge of patient data. HIPAA guidelines mandate that companies report a data breach within 60 days, so it’s unclear why the company waited longer to notify the agency. In addition to the PR disaster that always accompanies a data breach, Adirondack Health could face fines and penalties because of their slow response time.

Individual Risk:  2.142= Severe: A significant amount of personal information was compromised in this breach, including names, treatment data, health insurance information, and dates of birth. Because this information is frequently sold on the Dark Web, those impacted by the breach should carefully monitor their accounts for suspicious activity. Moreover, identity and credit monitoring services can help ensure that credentials remain secure.

Customers Impacted: 25,000

How it Could Affect Your Business: Small mistakes can have catastrophic consequences for personal data. In this case, brief access to a single email account provided hackers with just one document that compromised data integrity for thousands of people. While companies should take every measure possible to protect their data before a breach, understanding what happens to people’s information after it’s compromised is an important step in the recovery process.

 


WMNF 88.5 FM:  Tampa-based community radio station

Exploit: Ransomware

Risk to Small Business: 1.777 = Severe: A ransomware attack on WMNF 88.5 FM forced the station to stop its live broadcasts, leaving listeners with pre-recorded shows instead. The attack also impacted their AudioVault system that includes much of the station’s programming, including advertising material that constitutes a significant share of their revenue. In addition, ransomware restricted access to office files and forms. However, rather than paying the ransom, the station reported the incident to authorities and brought in a cybersecurity contractor to restore their files. Of course, these services alongside the opportunity cost incurred when the station’s material wasn’t accessible will still be an expensive solution for the local radio station.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Even without paying a ransom demand, recovering from a ransomware attack is extremely expensive. Therefore, every organization needs to take every precaution possible to prevent these attacks in the first place. This certainly includes analyzing IT infrastructure for vulnerabilities, but it should also mean attaining the services necessary to know if your employee’s credentials are for sale on the Dark Web where they can be used to facilitate a ransomware attack.


Wise Health System: Medical provider serving patients in Decatur, Texas

Exploit:  Phishing attack

Risk to Small Business: 2 = Severe:  On March 14th, several employees fell for a phishing scam and entered their usernames and passwords on a false form. Hackers used this information to access an employee kiosk where they attempted to divert payroll deposits. IT administrators don’t believe that the hackers pursued patient data, but this information was included in the compromised accounts. Now, Wise Help System is responsible for providing a year of identity theft protection services to thousands of victims while also facing increased regulatory scrutiny because of their failure to report the incident within 60 days.

Individual Risk: 2.482 = Severe: In addition to the employee account details compromised in the breach, patient data was available to hackers. This includes patients’ medical record numbers, diagnosis, treatment information, and insurance data. Therefore, patients should monitor their accounts for unusual activity while also taking advantage of the identity theft monitoring services offered by Wise Health System.

Customers Impacted: 35,899

How it Could Affect Your Business: Phishing attacks are entirely preventable because they rely on employee ignorance and indifference to perpetuate data theft. However, with the right training, employees can be trained to spot phishing scams, effectively rendering them useless. It’s a cost-effective way to mitigate a serious risk to any company’s data security initiatives.


The Town of Collierville: Town in Shelby County, Tennessee

Exploit: Ransomware

Risk to Small Business: 1.777 = Severe: In an extensive attack that cut-off computer access for more than 550 government employees, attackers infected the Town of Collierville’s computer network with Ryuk ransomware. The malware made some computer systems unusable and encrypted other files, restricting the government’s access to the information. Consequently, government employees are unable to complete many tasks, including permit requests, public record requisitions, and business services. Fortunately, the town’s emergency services were not impacted by the attack. The city is enacting its response plan, but they have a long road to fully restoring operations.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks are a top cybersecurity threat for local governments, making a holistic response plan a must-have element to any government’s IT strategy. Fortunately, the Town of Collierville prepared for this scenario, which allowed them to avoid paying the ransom. Regardless, full recovery is still an arduous process, which means that any measures that can help prevent a ransomware attack should be a top priority for local governments looking to avoid being the next victim of a ransomware attack.

 


In Other News:

Australian Consumers Demand Data Security…

According to a recent survey of Australian consumers, confidence in a company’s data security impacts their spending with that platform. The survey, which comprised of 2,000 consumers, found that 74% of Australians are less inclined to spend money with companies that cannot or will not secure their customers’ personal information. With increasing instances of financial fraud and data theft, who could blame them? 

Local mayors are tired of paying the price for these attacks, and they codified this sentiment in a nonbinding, unanimous resolution at this year’s meeting of the U.S. Conference of Mayors where they vowed not to pay any more ransom demands.

To date, 34% of Australians experienced data loss from a company’s security breach or hack, and those numbers increase for younger generations that are more likely to participate in today’s expansive digital ecosystem.

Unfortunately, the retail sector and small businesses polled as the least trusted vendors, meaning that companies hoping to win customers need to make data security an integral part of their business strategy. Increasing the impetus to get this right from day one, 43% of consumers indicated that they would never return to a brand that compromised their data security.

Therefore, it’s clear that the need to identify vulnerabilities and to account for data security is more than just an altruistic endeavor. It’s mission critical for flourishing businesses in today’s increasingly digital economy. Don’t let this issue go overlooked.

With companies like Kobargo equipped to fortify your cybersecurity defenses, now is the perfect time to prepare your company for today’s evolving threat landscape.

 

A Note From Kobargo..

800,000 Computers Still Vulnerable to “BlueKeep”… 

Despite the well-publicized threat that the BlueKeep vulnerability poses to individuals and enterprises, more than 800,000 systems are still not protected from the threat.

BlueKeep is a backdoor that allows hackers to access networks where they can directly deliver malware. The flaw can cause significant damage, and neutralizing the threat is surprising easy. A simple software update, which Microsoft issued in May, nullifies the vulnerability, but according to data compiled by a New Internet scan, less than 20% of eligible systems were updated in the past month.

With cyber threats coming from all directions, fixing security

vulnerabilities through software updates is an easy way to prevent obvious threats from wreaking havoc on your company’s IT infrastructure. Partnering with security specialists can help organizations identify vulnerabilities, fortifying their defenses before a data breach occurs.

 

Check Out Our Latest Video On “Password Protection” Available Now! 


Contact Kobargo Technology Partners to schedule a free consultation today!

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Read more
Data Breach, Cyber Alert Monday 07-22-2019

Data Breach, Cyber Alert Monday: Last week, ransomware stops the music at a local radio station, employees fall for phishing scams, and U.S. mayors promise not to pay any more ransom demands..

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…


Los Angeles County Department of Health:
Government agency responsible for overseeing health initiatives in Los Angeles County

Exploit: Ransomware

Risk to Small Business: 2.285= Severe: On March 28th, an employee at a third-party contractor opened a phishing email that gave hackers access to the company’s data, which included personally identifiable information from the Los Angeles Department of Health. Although the data was encrypted, the email account also contained the encryption keys, which functionally nullified this security feature. As the second-largest health system in the United States, the agency oversees many clinics and hospitals that could be impacted by this attack. Now, the Los Angeles County Department of Health is tasked with reinforcing its cybersecurity standards while they support their constituents who were harmed in the attack.

Individual Risk: 2.285= Severe: The data breach exposed sensitive patient information, including names, addresses, dates of birth, medical record numbers, and Medi-Cal identification numbers. In addition, two patients had their Social Security numbers compromised. Although patients were not the target of the attack and authorities haven’t found evidence that their information is being misused, personally identifiable information can quickly make its way to the Dark Web where it can be used to perpetrate financial and identity crimes. Therefore, those impacted by the breach should enroll in the provided credit and identity monitoring services to ensure their data’s continued integrity.

Customers Impacted: Unknown

How it Could Affect Your Business: Phishing attacks are an easy way for hackers to circumvent security standards by relying on employee ignorance and indifference to gain access to sensitive computer networks. Every organization can defend against these attacks by conducting awareness training with their employees. By equipping employees to identify and report phishing emails, organizations can effectively render these attacks ineffective.

 


La Porte County Government : Local government serving La Porte, Indiana

Exploit: Phishing attack

Risk to Small Business: 2.111 = Severe: A malware attack on the government’s IT infrastructure rendered more than half of their servers unusable. The attack, which delivered a ransomware virus, cut off access to the county’s website, email accounts, and other services. The remaining servers were taken offline to prevent malware from spreading further. The county purchased ransomware insurance last year, which will help offset the repair costs, but officials expect in order to fully recovery it will come at a significant expense.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks on government agencies and institutions are on the rise, making a response plan a must-have element of any cybersecurity initiative. La Porte officials demonstrated many benefits of these plans, including rapid response capabilities, clear communication channels, and proper insurance to reduce the expense of an attack. Of course, surveying your organization’s IT infrastructure should be a top priority as well, since it can prevent an attack before it occurs.

 


Essentia Health: Integrated healthcare system offering services in Minnesota, Wisconsin, North Dakota, and Idaho

Exploit: Phishing attack  

Risk to Small Business:  2= Severe: A vendor providing billing services for the healthcare provider was the victim of a phishing scam that consequently compromised patient data at Essentia Health. The healthcare provider is investigating the incident and the integrity of other third-party vendor systems. In today’s digital landscape, verifiable data security standards are a must have for any partnership that involves personally identifiable information.

Individual Risk:  2.428= Severe: Essentia notified those impacted by the breach, but they have not identified any attempted misuse of patient data. Even so, once sensitive personal information is accessed, it can quickly become accessible on the Dark Web, so those affected will need ongoing credit and identity monitoring services to ensure their data’s integrity.

Customers Impacted: 1,000

How it Could Affect Your Business: Data breaches that expose people’s personal information can have devastating consequences for both the company and the victims. The most advantageous road to recovery starts with ensuring that victims have the support necessary to adequately recover from the incident. This includes identifying the cause and scope of a breach as well as providing the credit and identity monitoring services that offer rapid detection of data misuse.

 


Monroe College:  Private for-profit college and graduate school based in New York City

Exploit: Ransomware

Risk to Small Business: 1.888 = Severe: The college endured a ransomware attack that disabled network services at its three campuses. The perpetrators issued a demand for $2 million in Bitcoin to release the encrypted files that likely include most of their critical data for executing business and educational activities. While classes remain in session, all of the school’s email and website-based activities are inaccessible. Monroe College outsources its payroll, which preserved those services during the attack. Unfortunately, the school now has to decide between paying the exorbitant ransom and incurring the considerable cost of recovering network systems. Either way, it will be an expensive recovery process for Monroe College.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Monroe College is just the latest in a series of academic institutions impacted by a ransomware attack. These attacks significantly curtail their operations while costing precious funds that are earmarked for academics. Therefore, it’s imperative to understand potential vulnerabilities before such an attack occurs. Given the high expense of recovery, the slew of negative press, and the opportunity cost associated with a ransomware attack, the relatively affordable cost of examining network vulnerabilities and compromised credentials is a bargain.


Richmond Heights City Hall : Local government offices for Richmond Heights, Ohio

Exploit:  Ransomware

Risk to Small Business: 2.111 = Severe:  When an employee opened a phishing email, it unleashed ransomware that disrupted City Hall’s IT infrastructure. The malware encrypted the employee’s files and displayed a ransom note on the screen that demanded payment in Bitcoin to restore services. While the ransomware disabled the city’s computers and servers, their email and internet services were not impacted in the attack. Fortunately, the city-maintained backups that allowed them to restore their files without paying the ransom.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware can have catastrophic consequences for any organization, but this incident is a reminder that they are often initiated by subtle mistakes. In this case, a single phishing email could have compromised the IT infrastructure for an entire city government. Maintaining adequate backup services and other restorative processes are critical to recovering from a ransomware attack but protecting against the methods that are frequently used to deploy these attacks is equally important.   


KHSU Radio Station: Radio station owned by Humboldt State University

Exploit: Ransomware

Risk to Small Business: 2.333 = Severe: Hackers exploited a network vulnerability to deliver ransomware to KHSU’s programming systems and storage servers. Fortunately, the affected servers did not contain any sensitive data, but the attack disrupted the station’s programming, which went offline on July 1st. The hackers are demanding a ransomware to restore the systems, but an actual amount hasn’t been specified. Until services are restored, the station’s listeners will continue to be without programming.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: The opportunity cost associated with a ransomware attack can be just as damaging as the immediate recovery cost. In this case, listeners are without the station’s regular programming, which will drive them to other stations. To make matters worse, the attack was issued using an avoidable network vulnerability. When it comes to avoiding a ransomware attack, the best offense is a strong defense. Prioritize a thorough review of your network infrastructure and repair any vulnerabilities before hackers exploit them for their own gain.


In Other News:

U.S. Mayors Unite Against Ransomware Payments..

2019 has seen a significant uptick in the number of ransomware attacks on local governments. High profile attacks on cities in Florida and Maryland attracted most of the mainstream media attention, but, to date, 22 municipalities were the victim of a ransomware attack in the first half of the year.

Local mayors are tired of paying the price for these attacks, and they codified this sentiment in a nonbinding, unanimous resolution at this year’s meeting of the U.S. Conference of Mayors where they vowed not to pay any more ransom demands.

Noting that ransom payments provide a financial incentive for additional perpetrators to proliferate these attacks, conference members are committed to disincentivizing this behavior in an attempt to abate this troubling trend.

The conference is comprised of 1,400 mayors from various U.S. cities with populations of over 30,000, and, while there is no mandate that members must follow this resolution, it provides political and legal cover for mayors to refuse ransom payments.

In some cases, not paying a ransom can be considerably more expensive, and it can take longer to recover affected systems.

It also raises the stakes in the fight against ransomware, and local municipalities will need to do everything they can to fortify their IT infrastructure against the many access points for ransomware. Partnering with us can help your organization identify its most prescient vulnerabilities to ensure that they can avoid the decision to pay a ransom altogether.

 

A Note From Kobargo..

Ransomware Attacks Target Network Attached Storage Devices..
 
According to recent findings by cybersecurity researchers, a new form of ransomware dubbed eChoraix, is being used to attack network attached storage (NAS) devices.

 

The malware specifically targets QNAP NAS devices, which are used around the world. These devices are already connected to the internet, and hackers use brute-force attacks to expose weak login credentials to gain access to the device.

These devices frequently store critical system backups and other sensitive information, but they often don’t come with the sophisticated security features that accompany built-in computer storage.

Much like the delivery method, the malware’s source code is simple, consisting of less than 400 lines. Unfortunately, this simplistic attack can still cause serious damage to users’ data, as they will be forced to either pay a ransom to recover the backups or to rely on other storage units to provide these services.

QNAP has issued a patch for these vulnerabilities, but, more broadly, every organization needs to be aware of the rapidly shifting landscape for today’s ransomware attacks that are becoming stealthier and more damaging. Cybersecurity services can help you navigate this landscape by transforming your vulnerabilities into your greatest asset in a robust cyber defense. 

 
 

For More Info On “Password Protection” Stay Tuned For Our Latest Video. Coming Soon! 


Contact Kobargo Technology Partners to schedule a free consultation today!

 

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Read more
Data Breach, Cyber Alert Monday 07-15-2019

Data Breach, Cyber Alert Monday: Last week, ransomware affects organizations of all shapes and sizes, US Virgin Islands Police Department attacked..

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Georgia’s Administrative Office of the Courts and Judicial Council of Georgia: Digital information arm for the Georgia state court system 

Exploit: Ransomware

Risk to Small Business: 2.333= Severe:  A malware attack infected the agency’s computer network with ransomware, encrypting their files and disrupting many of their services. Officials have yet to reveal the ransom amount, but it marks the second significant ransomware attack for a Georgian government agency in 15 months. Fortunately, the agency does not store personal information on the affected network, and servers were brought offline to prevent malware from spreading. The previous attack in 2018 cost $7.2 million, foreshadowing another expensive blow that can be measured in time and money.

Individual Risk: No personal information was compromised in the breach. 

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks wreak havoc on an organization’s operational and financial integrity. To make matters worse, they are increasingly becoming more common and costly. Nevertheless, many ransomware attacks are delivered through phishing emails, which can be thwarted through organizational cyber-security training for employees. Given the exceedingly high recovery expense and cascading damages caused by a ransomware attack, such training is the most cost-effective way of protecting

 


Alive Hospice: Healthcare provider offering hospice and family support services

Exploit: Unauthorized network access attack

Risk to Small Business: 2 = Severe: On May 6th, hackers gained access to an employee’s email account containing personally identifiable information for patients at Alive Hospice. Although the company quickly reset the account password, the intruder was able to view significant amounts of sensitive data. In this case, a single email account was able to compromise newsworthy amounts of patient data, while also interrupting business processes. Alive Hospice will incur the expense of credit and identity monitoring services, along with the less quantifiable reputational cost that accompanies a data breach.  

Individual Risk: 2 = Severe: Although there is no indication that hackers have misused any company data, they did have access to patients’ names, contact information, dates of birth, social security numbers, driver’s license numbers, credit/debit card numbers, medical history information, treatment and prescription information, physician information, medical record number, Medicaid/Medicare numbers, health insurance information, and other in-house account details. Therefore, those impacted by the breach should enroll in the free credit and identity monitoring services being offered by Alive Hospice while remaining vigilant about monitoring their accounts for suspicious activity.  

Customers Impacted: Unknown

How it Could Affect Your Business: Personally identifiable information (PII) can quickly make its way to the Dark Web, where it can do considerable damage to those affected by a breach. Therefore, understanding what happens to compromised patient data is a significant part of any data breach recovery effort. 

 


US Virgin Islands Police Department: Law enforcement agency serving the United States Virgin Islands

Exploit: Ransomware  

Risk to Small Business:  1.666- Severe: An April ransomware attack on the island’s police computer network encrypted all files stored on the department’s servers. The impacted data included information related to internal affairs and citizen complaints, and the “Blue Team” and “IAPRO” programs were unavailable for several weeks. In addition, backups for some systems were also corrupted, requiring the department to install new versions of the affected software. Not only is the department struggling to provide services to its constituents, but it will also face a significant repair cost that is growing by the day. . 

Individual Risk:  2.571= Severe: Hackers did encrypt information related to citizen complaints, which could include sensitive personal information. However, there is no indication that this information was viewed or stolen during the ransomware attack.

Customers Impacted: Unknown

How it Could Affect Your Business: The true price tag on a data breach can be deceptive, as recovery costs must be added to the opportunity cost of interrupted business processes and reputational damages. Organizations must be capable of knowing if personal information is accessed in an attack and need internal protocols to protect infrastructure and mitigate damage as much as possible.

 


Maryland Department of Labor:  Local government agency serving the state of Maryland

Exploit: Unauthorized database access

Risk to Small Business: 2.222 = Severe: Hackers gained access to two agency databases that contained personally identifiable information. The breach, which occurred in April, involved data from those who received unemployment benefits in 2012 or pursued a general equivalency diploma in 2009, 2010, or 2014. It’s unclear why the agency waited several months to notify those impacted by the breach, but this cybersecurity incident underscores a troubling trend in government agencies in general and Maryland in particular. The agency will now be responsible for paying victims for two years of credit monitoring services, while also spending precious funds on recovery efforts. 

Individual Risk: A damage assessment conducted by a third-party forensics team concluded that no personal information was downloaded in the attack. However, hackers did have access to a deluge of personal data, including names, social security numbers, birth dates, city or county of residence, graduation dates, and record numbers. Those impacted by the breach are encouraged to closely monitor their credentials and to enroll in the credit monitoring services being offered by the agency.  

Customers Impacted: 78,000

How it Could Affect Your Business: It’s no secret that data breaches, especially those that compromise sensitive personal information, are always harmful. However, organizations can work to repair the damage by supporting those impacted with protection. By continuously monitoring the Dark Web, where stolen credentials are quickly bought and sold, businesses can grow and retain their customer base while generating loyalty. 


Mercy Health: Catholic healthcare ministry serving Ohio and Kentucky

Exploit:  Email security breach

Risk to Small Business: 2 = Severe:  A compromised email account at a third-party vendor in 2018 ultimately resulted in compromised personal information for Mercy Health patients. The third-party vendor, OS Inc., was involved in a similar data breach last year and was responsible for updating information for Medicare beneficiaries and billing for certain services. The incident reflects the complicated cyber-security threats facing institutions working with third parties, specifically as it relates to managing personally identifiable information.   

Individual Risk: 2.285 = Severe: Hackers did not gain access to financial or medical information, but they were able to view significant amounts of personally identifiable information, including names, dates of birth, dates of service, patient identification numbers, Social Security numbers, and medical record numbers.  

Customers Impacted: Unknown

How it Could Affect Your Business: Working with contractors and third parties is often a requirement in today’s digital ecosystem. However, those partnerships can create vulnerabilities that organizations need to address before allowing third parties to access their data. Therefore, robust cybersecurity protocols should be a prerequisite for any business relationship that includes that exchange of sensitive personal information.     


American Land Title Company (ALTA): National trade association representing various real estate entities

Exploit: Phishing scam

Risk to Small Business: 1.888 = Severe: A so-called ethical hacker contacted ALTA regarding 600 data entries accessed by its members using a phishing campaign. The compromised data may have included highly sensitive company data from ALTA organizations. This is the second phishing scam targeting ALTA members this year when a similar scam that originated within the organization was sent to member companies.

Individual Risk: 2.285 = Severe: While the data accessed pertains to the companies involved, it could also include personal information, including domain identification, IP addresses, usernames, and passwords. ALTA organizations should encourage employees to monitor their accounts for suspicious activity and to ensure that they use unique, strong passwords for all accounts, especially those containing personally identifiable information. 

Customers Impacted: Unknown

How it Could Affect Your Business: Phishing scams are unleashed with speed and precision, and they can quickly compromise your organization’s data. Fortunately, they are also entirely defensible with comprehensive awareness training. Knowing if your organization’s credentials are compromised before a data breach occurs can prevent a security incident before it harms your company and your customers.

 


In Other News:

Company Cut Off from Government Contracts After Data Breach 

Last month, Perceptics, a maker of license plate readers used by the U.S. Customs and Border Patrol (CPB), endured a significant data breach that resulted in 65,000 files published to the Dark Web.

As a result, the company has been placed on a veritable government black-list, suspending Perceptics from procuring government contracts. Although the suspension is technically limited to the CPB, the notice, which cites “evidence of conduct indicating a lack of business honesty or integrity,” could shun the company from doing business with other government agencies.

Before the suspension, Perceptics had a 30-year working relationship with CPB, and their dissolution indicates the weight of unimpeachable cybersecurity standards for companies handling sensitive personal information on behalf of the government.

What’s more, Perceptics will still face administrative proceedings that will determine the company’s fate as it pertains to future work with the U.S. Government.

The incident is a warning to all companies: cyber-security is an obligation, not just a suggestion. Data breaches place people’s data at risk but are increasingly becoming capable of compromising an organization’s financial stability. Rather than leaving it up to chance, coordinate with Kobargo to ensure that your cyber-security posture is ready to meet the moment.

 

A Note From Kobargo..

A Divide in Ransomware Response Ethics 
 
Local governments and municipalities are frequently targeted with ransomware attacks by cyber criminals who view government agencies as soft targets with potentially significant rewards. While leaders are unified in their abhorrence of this behavior, disparities exist when aligning on response plans. 

Some governments choose to pay the ransom, seeing it as the least expensive option available. Of course, this behavior makes other governments more vulnerable to a similar attack because it indicates that authorities are willing to pay criminals to restore access to their systems.
 
In contrast, some local governments refuse to pay, a principled stance that can be more expensive in the long run. For instance, Baltimore authorities refused to pay a $75,000 ransom to regain access to its network, but full system restoration is estimated to cost $10 million, and other ancillary disruptions may cost $8 million more.
 
The message is clear and simple: all organizations need to do everything they can to prevent a ransomware attack in the first place. Contingency plans like backups and cyber insurance are critical for responding to an attack, but employee awareness training and threat analysis services offered by cyber-security experts can prevent ransomware attacks before placing your company in the precarious position of deciding on ransom payments. 
 
 

For More Info On “Password Protection” Stay Tuned For Our Latest Video. Coming Soon! 


Contact Kobargo Technology Partners to schedule a free consultation today!

 

The best online JS tools can be found at HTML-CSS-JS.com: script beautifier, compressor, cheat sheet or just read the blog.

Read more