Cyber Security Update

May / June 2020

Cyber Security Update

Cyber Security Update - May / June 2020

SoftwareONE believes there is a need for additional information when it comes to cybersecurity, as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareONE’s monthly Cyber Threat Bulletin provides updates on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Stay Ahead Of Cyber Threats – May / June Bulletin

Again, more than 73 million user records stolen from a number of online business services were offered for sale on the dark web by hacker group ShinyHunters. And this is only the beginning. Where only one or two years back, criminals seemed to be more interested in individual servers the interest seems to shift today towards enterprise networks access. "Access for sale" on the dark web is a generic term, referring to software, exploits, credentials, or anything else that allows illicitly controlling one or more remote computers. Successfully hacking a website, web server, database, or workstation means that the attacker has access. This access can be transferred or sold to third parties.

With so many employees currently working from home hackers are looking for different security lapses on the network perimeter, such as an unprotected web application, outdated software, or incorrectly configured servers with a weak administrator password. The larger the hacked company is, and the higher the obtained privileges, the more profitable the attack becomes.

Dramatic Rise in Dark Web Offers

This is underpinned by a new research conducted by PT Security: The first quarter of 2020 saw a dramatic rise in dark web offers to sell access to enterprise networks, with the number of posts advertising access up 69%. In contrast, Q1 2019 saw more interest in selling and buying access to individual servers. According to another release coming from TrendMicro popular items now sold on the darknet are pandemic-themed phishing, malware, and exploits. For Q1 2020 the organization counted 907,000 spam messages being sent and detected 737 variations of malware placed with the purpose to bypass security settings. Compared with other nations the United States are found to be the top target for spam, malware detections and users accessing malicious URLs.

Always Be Aware of Cyberattacks

A solid cybersecurity strategy is not a one-time shot and requires continuous monitoring, adjusting and updating. Successfully mastering an attack in the past, for example, does not necessarily prevent your business from further harm. An Australian-based company for international delivery and freight forwarding solutions, Toll Group, for instance recently suffered a ransomware attack for the second time in only four months. Although there was no evidence that any data has been extracted from their networks Toll Group had to take down certain IT systems for a longer period. The attack itself came from Nefilim - a relatively new ransomware variant that uses exposed Remote Desktop Protocol (RDP) connections for infection.

Be Prepared & Protect Your Digital Assets

As you can see there are a couple of attacks you should be aware of and prepared for. While you cannot extinguish all fires at once it’s important to regularly monitor current threats and attacks and prepare your business for any cyberthreat that might arise. We have collected further data breaches, cyber threats and awareness news in our May / June Cyber Threat Bulletin.

Get your copy here and keep yourself up-to-date.

  • Cybersecurity, Cyber Threat Bulletin
  • Cyber-Security, Cyber-Threats, Ransomware, Cyber-Attacks, Cyber-Crime

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Author

Bala Sathunathan

Bala Sethunathan

Director, Security Practice & CISO

Software Portfolio Management

Related Articles

backing-up-your-data-in-microsoft-365-accidental-deletion

Backing Up Your Data in M365: Accidental Deletion

Accidental deletion is unfortunate and more common than you may think. Luckily, with backup and restore services, you can quickly restore backup data should any of your users experience an accidental deletion.

Malicious Deletion
  • 09 June 2020
  • Mathew Showers
  • Managed Backup, Cybersecurity
  • Microsoft 365, Cyber-Security, Office 365, Malicious Deletion, BackupSimple

Backing Up Your Data in M365: Malicious Deletion

Malicious deletion isn’t just a nightmare scenario, it’s a reality. Learn more about how to back up your M365 data and stay safe from potential damage.

Backing Up Your Data in Microsoft 365 #2: Handling a Ransomware Attack

Backing Up Your Data in M365: Handling a Ransomware Attack

Is your organization prepared to handle a ransomware attack? Learn about why you must back up your data in Microsoft 365.