SoftwareOne logo

4.15 min to readDigital WorkplaceCloud ServicesNews and Updates

Cyber security update, April 2023

Ravi Bindra
Ravi BindraCISO
A blurry image of a city with lights in the background.

SoftwareOne believes there is a need for additional information when it comes to cybersecurity, as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareOne’s monthly “Cyber security update” provides information on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Latest security breaches

Australian company Latitude Financial Services says criminals have stolen around 14 million records containing the personal information of past and present customers in the region. The files include almost 8 million driver licence numbers but the company says only 100 customers’ financial statements were taken.

Government agencies in the Philippines have lost almost 1.3 million records containing highly sensitive information such as fingerprint scans and birth certificates, as well as tax and passport data. More than 800GB of data was taken from the agencies responsible for law enforcement and taxation.

In the US, a ransomware attack has hit payments specialist NCR. The attack caused an outage at one of its data centres and disrupted some of its point-of-sale systems. Criminals claim they stole credentials that could be used to access NCR’s customer networks.

Cyber security awareness

The amount of data being stolen from Russian companies increased 42-fold in 2022 compared to the previous year. Retail, industrial, transportation and energy companies were most affected, with the number of records taken increasing from 33 million in 2021 to 1.4 billion last year. Security experts say the motivation behind these attacks appears to be to cause reputational damage rather than extracting cash as most of the stolen information was posted for free online.

Uber has suffered its third data breach in six months, with criminals making off with the personal information of more than 77,000 Uber drivers after breaching the systems of its legal representative, Genova Burns LLC.

Yum! Brands, the parent company of KFC, Pizza Hut and Taco Bell, has sent data breach notification letters to an unknown number of customers, warning them that their personal information was stolen in a ransomware attack. The attack forced the company to temporarily shut 300 of its restaurants in the United Kingdom.

Despite laws requiring network breaches to be disclosed, more than 40% of security professionals say they have been instructed to keep data leaks secret. Bitdefender’s 2023 Cybersecurity Assessment report found that the US was the worst offender with over 70% of information security workers being told to hide data breaches.

Cyber security intelligence

Russian cyber espionage group APT28, also known as Fancy Bear, Pawn Storm and several other aliases, is suspected of carrying out attacks on poorly maintained Cisco routers. The NSA, FBI and the UK’s National Cyber Security Centre are warning that the group is deploying malware on unsuspecting organizations’ systems using a five-year-old remote execution vulnerability in Cisco IOS and IOS XE Software, CVE-2017-6742.

Hot topic of the month: what to do after your data is compromised

As data breaches become more common, it’s impossible to protect all your personal information from being exposed by criminals, especially if you trust it to a third party. Regardless of whether it’s a large corporation, a government agency, or your local supermarket, any information you share is only as safe as that organization’s weakest link.

Here are some steps to take if you discover your personal information has been compromised.

Change your passwords

Passwords should be changed on a regular basis but it’s especially important to do so after a breach. Use long, secure and unique passwords. It’s also important to not use the same password for multiple accounts. Password managers can be useful to keep track of your different access credentials. Read more

Use two-factor authentication - 2FA

Two factor authentication (2FA) adds an extra layer of security because it requires your password as well as another code, which could come from a text message or authentication app, in order to access the account. Read more

Look out for updates from the breached company

Companies that experience a data breach often post updates for affected customers, so look out for information related to what has happened, both on the company’s website and/or via email on what to do next.

Keep an eye on your accounts and credit reports

After being compromised, you should pay extra attention to your account activities and credit report for suspicious activity. Consider subscribing to identity theft protection services.

Freeze your credit

Consider contacting the main credit bureaus to freeze your credit, which will ensure that even if ID thieves have all your information, they will not be able to open new lines of credit in your name.

It comes all down to one conclusion: as experts see the rise of new business models for ransomware gangs, your organisation must build resilience. If victims make themselves resistant to attack, criminals cannot profit.


A blurry image of a computer screen with numbers on it.

Exploring the possible

Microsoft 365 provides a holistic approach to security, helping you to protect identities, data, applications, and devices across on-premises, cloud, and mobile. We will guide you through each licensing type covering possible security settings.

Exploring the possible

Microsoft 365 provides a holistic approach to security, helping you to protect identities, data, applications, and devices across on-premises, cloud, and mobile. We will guide you through each licensing type covering possible security settings.

Author

Ravi Bindra

Ravi Bindra
CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.