Cyber Security Update May 2021

SoftwareONE believes there is a need for additional support when it comes to cybersecurity as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareONE’s monthly Cyber Security Update provides information on the most recent threats and the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Latest Security Breaches

DarkSide ransomware attack forced U.S. energy company, Colonial Pipeline, to proactively shut down operations and pay a $5 million ransom.

Massive Air India data breach compromised the personal data of about 4.5 million passengers.

Largest U.S. insurer CNA Financial paid hackers $40 million for ransomware decryption.

Data Breach at Canada Post: Data belonging to more than 950,000 customers has been compromised.

The US audio tech giant Bose reveals ransomware attack led to unauthorized access of personal information on current and former employees.

Embarrassing data breach: More than 300,000 data files belonging to the Office of the Solicitor General of the Philippines, some of which contained sensitive information, were accessed by an unknown party.

Cybersecurity Awareness

SolarWinds Hackers Go Phishing: The threat group behind the Microsoft and SolarWinds hack has launched a massive new phishing campaign targeting government agencies, NGOs and think tanks.

Plans to share NHS patient data in England with third parties for research and planning purposes are fueling concerns about privacy and security.

COVID vaccine maker Pfizer has warned Australians not to try to buy its vaccine via the internet amid fears consumers could fall prey to cyber criminals selling counterfeit coronavirus shots.

Attackers working on behalf of Russian Intelligence have updated their attack techniques: Russian hackers are targeting various vulnerabilities, so patch now.

Cybersecurity Intelligence

Advanced Persistent Threat (APT) actors are exploiting Fortinet vulnerabilities to gain access for malicious activity. They are actively targeting a broad range of victims across multiple sectors, indicating the activity is focused on exploiting vulnerabilities rather than targeted at specific sectors.

The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year.

DarkSide Ransomware: Best practices for preventing business disruption from ransomware attacks.

Hot Topic of the Month: How to Prevent Cloud Misconfigurations

Fugue’s new State of Cloud Security 2020 report reveals that misconfigured cloud-based databases continue to pose a severe security risk to organizations. Cloud misconfiguration remains the top cause of data breaches in the cloud. Most organizations believe that the transition to cloud infrastructure has created new security vulnerabilities: 84% are concerned they’ve been compromised and don’t know it, while 28% have already been hacked and are aware of the attack.

Many businesses choose to operate in the cloud for the speed at which resources can be deployed. Unfortunately, the same automated CI/CD processes that deliver this speed can also roll out misconfigured settings at scale. Especially in organizations with thousands of workloads and distributed operations, it can be almost impossible to monitor and detect every possible misconfiguration.

However, there are a number of ways to improve your cloud security posture in order to prevent security breaches, including:

  • Restricting access to least privilege
  • Disabling regions where your cloud environment doesn't host workloads
  • Disabling cloud resources your teams don’t need
  • Encrypting data stored in the cloud by volume or tag
  • Blocking inadvertent uploads or cross-region copies
  • Preventing access to privileged accounts when MFA is disabled
  • Ensuring encryption keys are rotated and stored safely
  • Enforcing data security governance policies

There are also solutions available that can help detect cloud security breaches – e.g. SoftwareONE’s Cloud Workload Security. While these can be good for detecting misconfigurations after a vulnerable resource has been deployed, they don’t stop vulnerable resources from being deployed in the first place. Here, a Vulnerability Assessment can recommend necessary fixes.
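To illustrate the difference between detecting a misconfiguration after deployment and blocking it in the pipeline, here is an added example (not SoftwareONE's or Fugue's code) of a pre-deployment gate that applies several of the practices listed above to a planned set of resources. The plan schema, field names, region allow-list and sample resources are all hypothetical and constructed for this illustration.

```python
# Added example: pre-deployment gate for a CI/CD job; schema and policy values are hypothetical.
ALLOWED_REGIONS = {"eu-west-1", "eu-central-1"}   # assumed: regions hosting workloads
ALLOWED_TYPES = {"database", "object_store", "iam_role", "user"}  # assumed approved types
GLOBAL_TYPES = {"iam_role", "user"}               # identity objects carry no region here

def check_resource(res):
    """Return findings for one planned resource.

    Missing encryption, exposure or MFA fields are treated as unsafe.
    """
    findings = []
    rtype = res.get("type")
    if rtype not in ALLOWED_TYPES:
        findings.append("resource type not approved")
    if rtype not in GLOBAL_TYPES and res.get("region") not in ALLOWED_REGIONS:
        findings.append("region not in allow-list")
    if rtype in {"database", "object_store"}:
        if not res.get("encrypted", False):
            findings.append("encryption at rest disabled")
        if res.get("public", True):
            findings.append("publicly accessible")
    if rtype == "iam_role":
        for stmt in res.get("statements", []):
            if "*" in stmt.get("actions", []) or "*" in stmt.get("resources", []):
                findings.append("wildcard grant violates least privilege")
                break
    if rtype == "user" and res.get("privileged") and not res.get("mfa", False):
        findings.append("privileged account without MFA")
    return findings

def gate(plan):
    """Map resource name -> findings for every non-compliant resource in the plan."""
    checked = {res.get("name", "<unnamed>"): check_resource(res) for res in plan}
    return {name: f for name, f in checked.items() if f}

# Constructed sample plan, not taken from any real environment.
SAMPLE_PLAN = [
    {"name": "billing-db", "type": "database", "region": "eu-west-1",
     "encrypted": True, "public": False},
    {"name": "exports", "type": "object_store", "region": "us-east-1", "public": True},
    {"name": "ci-deployer", "type": "iam_role",
     "statements": [{"actions": ["*"], "resources": ["*"]}]},
    {"name": "root-admin", "type": "user", "privileged": True, "mfa": False},
    {"name": "scratch", "type": "gpu_cluster", "region": "eu-west-1"},
]

if __name__ == "__main__":
    report = gate(SAMPLE_PLAN)
    for name, findings in report.items():
        print(f"BLOCK {name}: {'; '.join(findings)}")
    raise SystemExit(1 if report else 0)   # non-zero exit fails the pipeline stage
```

Run as a pipeline step before the deploy stage, the non-zero exit code stops the rollout, so a misconfigured resource is rejected rather than found later by a detection tool.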

Start Preventing Cloud Security Breaches

Cloud misconfigurations could be catastrophic for cloud security. Don’t let your organization fall victim to breaches through unresolved misconfigurations. Implement these best practices for securing your cloud-based assets.

Author

Bala Sethunathan

Director, Security Practice & CISO
