Cyber Security Update 2020-01

January
Cyber Security Update

Cyber Security Update - January 2020

SoftwareONE believes there is a need for additional information when it comes to Cyber Security, as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareONE’s monthly Cyber Threat Bulletin provides updates on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Stay Ahead Of Cyber Threats: January Bulletin

Do you like thrilling movies like “The Man Who Knew Too Much” by Alfred Hitchcock or “96 Hours” by Frédéric Schoendoerffer? What both films have in common is the nerve-wracking story about the kidnapping of a family member. Do you find yourself taking the side of the good guys, praying and keeping your fingers crossed that they will set their most valuable treasure free and get them back alive? Well, then you are very close to what some companies had to experience as well with seeing sensitive business data being taken hostage by ransomware. Ransomware, as its name suggests, is malware designed to make a target’s data unusable or to prevent access to computer systems until a ransom is paid, usually in untraceable digital currency. It’s quick, lucrative – and very easy.

Imagine an ordinary working day at the office: You just started, working yourself through your inbox when you spot an official information from one of your business departments with an attached document. You are directed to a download link to access your files. You are not thinking about it because you know your company and your departments, so you just follow the instructions, download your file and open it. At some point later that day you notice that you are no longer able to access your systems and several files with a strange name have been created without your knowing. This is a critical moment because sensitive files on your device might have been encrypted. The truth is: Your files have been taken hostage and the only way to get them back is by paying a ransom.

Ransomware incidents have reached a new level of frequency and we expect the number to continue to increase. Affected companies are often willing to pay whatever sum is demanded so they can regain control and get back to business. It’s quite similar to families being willing to pay kidnappers whatever is required to release their loved ones – a copycat scenario if you will for the Cyber Security arena.

For our January Cyber Threat Bulletin we collected some examples of companies that were hit by such ransomware attacks and experienced varying consequences. Such as Hackensack Meridian Health, New Jersey’s largest hospital system operating 17 hospitals, nursing homes and outpatient centers, as well as psychiatric facility Carrier Clinic. The health system provider was targeted by a Cyber Attack in early December 2019, crippling its computer software systems for nearly five days. The attack impacted the hospital’s computer software systems, from scheduling and billing systems to labs and radiology. As a consequence, the medical teams had to reschedule approximately 100 non-emergency appointments and surgeries.

Galt, California municipal systems, also became a victim of ransomware. The city reported that the full extent of the damage is not known but both the email and the phone systems have been impacted. This includes all Sheriff’s office emails, posting of daily arrest affidavits, updates of jail booking photos, fingerprinting, background checks/criminal histories, distribution of case reports and traffic crash reports.

Last but not least, LifeLabs, a Canadian laboratory testing company, paid ransom money to get back the data of its 15 million customers – including names, addresses, emails, logins, passwords, date of birth, health card numbers (for health insurance) and even highly-sensitive lab test results.

Prepare yourself & keep your data and systems under control

Just like any other cyber threat, prevention is key to a proper defense for ransomware as well. Unlike other types of malware ransomware is extremely hard to detect and can be placed in your systems within seconds - with one file ore even one phone call that opens the door to your network. The best thing to start with is to develop and install the right cyber security (warning) system for your company. Make sure you have a backup strategy for any critical systems and data in place and practice a regular cyber security hygiene, e.g. update patches regularly, monitor your network activity and manage permission rights. Furthermore, train all employees on security threats and risks and how to deal with any type of incident.

Start your security journey today by staying up-to-date about the latest breaches, malware attacks and other incidents. Join us this month and read our latest Cyber Threat Bulletin to find out more about the latest cyber threats, and attacks and how to prevent them from happening in your company.

Download our January edition and stay informed with key information and a list of activities to help you close security gaps.

  • dinsdag 14 januari 2020

Reageer op dit artikel

Laat een reactie achter om ons te laten weten wat je van dit onderwerp vindt!

Laat een bericht achter

Author

Bala Sathunathan

Bala Sethunathan Director, Security Practice & CISO

Software Portfolio Management

Related Articles

cloud journey
  • 11 februari 2020
  • Mathew Showers

How to Start Your Cloud Journey

Everyone agrees that there's an important opportunity to be found in migrating business apps and data to the cloud. But not everyone agrees on the best way to start.

The Biggest Shadow IT Risks Brought on By Digital Asset Diversity
  • 07 februari 2020
  • Bala Sethunathan

The Biggest Shadow IT Risks Brought on By Digital Asset Diversity

When it comes to digital asset diversity, there are a lot of Shadow IT risks that could emerge. Let’s take a look at all of the potential issues to be aware of and how you can begin to avoid them.

Microsoft Teams as Hub of Office 365 Features
  • 06 februari 2020

Office 365 and You: Teams as Hub of All Features

Learn which Office 365 services and features can be combined with Microsoft Teams using our project scenario.