4.25 min to readDigital WorkplaceCloud ServicesNews and Updates

Cyber security update, February

sethunathan-bala-contact
Bala SethunathanDirector, Security Practice & CISO
data-streams-chip-mainboard-getty-1254770264-blog-hero

March 7, 2023

SoftwareOne believes there is a need for additional information when it comes to cyber security, as organisations have made it clear that investment in a proper security strategy is paramount. SoftwareOne’s monthly Cyber Security Update provides information on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Latest security breaches

Twitter kicked off 2023 by losing another 235 million users’ email addresses, which were stolen by hackers and published on hacker forums. Twitter denies a claim by security researchers that the data was scraped using vulnerabilities in a Twitter API. Twitter is already involved in lawsuits in California regarding previous privacy breaches.

The healthcare sector has been hit hard in 2023 with multiple breaches reported. The Heritage Provider Network in the US suffered a ransomware attack that exposed 3.3 million patent records. In the UK, personal details of 14,000 employees at a Liverpool NHS hospital trust were exposed when a spreadsheet containing payroll information was accidentally emailed to hundreds of people.

In another attack in the UK, administrative consoles were left exposed to the internet, which resulted in more than 1 million CHS Healthcare patients’ personal details being exposed.

In India, the online train ticket booking system RailYatri was hacked, with the hacker exposing a 12GB database containing email addresses, names, genders, phone numbers and the locations of more than 31 million users.

UK sports retailer JD Sports has reported a data breach of a system containing customer orders, which exposed the personal information of more than 10 million of its customers.

Cyber security awareness

In 2022 in the US, a single corporate data breach cost on average USD9.4 million, according to IBM’s Cost of a Data Breach 2022 report. This is just the initial financial cost and doesn’t include any damage done to the company’s reputation and loss of current or future business. IBM found that only about 50% of small and medium-sized businesses have a cyber security plan and predicts cyber crime to have cost businesses a total of USD10.5 trillion by the end of next year.

Users of password management service LastPass have been advised to change all their passwords after the company suffered a major data breach in which hackers could access the company’s secure vault data. This the latest in a string of security issues faced by its 30 million+ users.

Web hosting platform GoDaddy has admitted that hackers have had access to its systems for many years since malware was planted on its network in 2020 and 2021. The multi-year attack has exposed the personal details of millions of users and GoDaddy has said it is working with cyber security experts and law enforcement agencies to find the cause of the breach.

Cyber security intelligence

North Korean attackers are using the Maui ransomware to target healthcare, public sector and critical infrastructure in the US and South Korea according to a joint cyber security announcement by the NSA, FBI and security agencies from the Republic of Korea. The bad actors are demanding payment in cryptocurrency to decrypt systems and using the revenue to support North Korean objectives.

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have co-authored a script to help companies recover from the ESXiArgs ransomware campaign, which exploits known vulnerabilities in VMware ESXi servers. The attack, which has already compromised over 3800 servers worldwide, leaves VMs unusable. The agencies recommend compromised organisations to follow the provided guidance to attempt to recover access.

Slow road to cyber resilience during 'poly-crisis'

There are several major crises facing the world, with a prolonged war in Ukraine, global political uncertainty, rising food and fuel costs, extreme weather events and supply chain issues all in effect. This, all during a time when cyber security attacks continue to grow at unprecedented rates, has been described as a time of poly-crisis.

During these times, building resilience to cyber attacks requires a combined effort that is not restricted by borders or businesses, according to the Centre for Cybersecurity at the World Economic Forum.

The Global Cybersecurity Outlook 2023, published by the WEF in January, states “it is fundamental for private and public sectors to strengthen cyber resilience to mitigate future disruption”. The report finds that 91% of business leaders expect a “far-reaching, catastrophic cyber event” before 2025.

Considering past experiences, such as the WannaCry ransomware in 2017 that brought the UK's National Health Service to its knees, the next big attack is expected to bring down entire countries or groups of countries.

If cyber crime was a state, it would be the third-largest economy in the world after the US and China.
default-male-contact

Edi Rama

Prime Minister of Albania

In 2022, Albania’s government networks were targeted multiple times, allegedly by Iranian state-sponsored hackers, and Rama says the attacks have continued into 2023. According to Google, in the past three years there’s been a 300% increase in state-sponsored cyber attacks targeting NATO-based users.

There is no way for a single company, organisation or country to defend against this type of massive attack. Business leaders, security experts and governments need to work together and share crucial information with each other in order to avoid a catastrophe, but even then, they will require time to build up resiliency.

The good news is that, compared to 2022, business leaders and cyber security experts have started to reduce the disconnect in how they perceive cyber security issues. However, there is a lot of work to be done, and it’s up to all organisations – both public, private and government – to work closer together and reduce the attack vectors vulnerable to attackers.

Build resilience into your security approach

Find out how SoftwareOne can help you stay ahead of the latest malware and ransomware threats.

Build resilience into your security approach

Find out how SoftwareOne can help you stay ahead of the latest malware and ransomware threats.

Author

sethunathan-bala-contact
Bala Sethunathan
Director, Security Practice & CISO