Jack’s Hacks: Volume 5
This month Jack covers the multiple ransomware attacks that have taken place in a short amount of time. Learn how to secure your IoT devices and, as always, get monthly hacks to shore up your security.
The Last 30 Days in Cybersecurity: Notable Breaches, Outages & Ransom Demands
Ransomware Gangs Turn Attention Back to SMEs
Security experts confirm a rise in ransomware groups targeting smaller organizations with weaker security capabilities. According to a report from Trend Micro, ransomware gangs are slowing down attacks against “big game” targets in favour of easier marks. Traditionally, smaller businesses aren’t as likely to invest in robust cybersecurity as big corporations. Reduced spending on cyber technology and an “it-won’t-happen-to-us” mentality put smaller businesses directly in the path of opportunistic cybercriminals.
Ransomware Attack on American Public School System Drains Bank Accounts
The Minneapolis Public School system is facing backlash for waiting 7 months to report a cyberattack that compromised the data of thousands of students, teachers and alumni. Members of the school community have reported fraudulent charges to their bank accounts and ransom demands against their privacy. The Medusa ransomware gang claimed credit for the attack. The school district is accused of downplaying the incident and miscommunicating the severity of the attack, highlighting that our schools need professional help managing cybersecurity and the fallout of an attack.
Save the Children Confirms Systems Breach
Cybercrime gang BianLian claims responsibility for stealing personal data and email correspondence from international NGO Save the Children. The global charity organization confirms the cyberattack but reports no organizational disruption. This is not the first time Save the Children has suffered an attack and they are but one of several charities targeted by cybercriminals in the past year.
MGM Resorts International and Caesars Entertainment Face Class-Action Lawsuits After Cyberattacks
Lawsuits filed against Caesars and MGM accuse the entertainment giants of failing to secure the plaintiffs’ personal information, including driver’s license and social security numbers, after a cyberattack on September 11th. The attacks highlight the vulnerability of even the most security-conscious entities in the face of a successful social engineering attack. Although the details of the attack haven’t been confirmed, the cybercriminal group Scattered Spider has claimed responsibility. They claim that they gained access to MGM’s systems by “vishing,” that is, impersonating an employee in a phone call to the company’s IT help desk.
The Latest Cybercrime Trends
Internet of Things (IoT) Devices are Prime Targets
Internet of Things (IoT) devices are important assets to businesses and homeowners. Think industrial automation and smart homes. They don’t require human interaction and can help automate tedious workflows and offer new revenue streams for industry. They also hold a lot of valuable data. A new report reveals a thriving underground economy on the dark web focused on IoT-related services. Cybercriminals exploit weak passwords and vulnerabilities in network services to execute malicious commands and spread malware. The majority of attacks are directed at network routers, with an average of 5,200 attacks per router per month. Aging devices without the latest security updates and very poor password hygiene have led to skyrocketing attacks. In fact, attackers can find and remotely access about one in 16 internet-connected home Wi-Fi routers using the manufacturer’s default admin password.
As you can probably guess, I have some thoughts on this. It’s essential for consumers and industry to take the necessary steps to protect IoT devices. Only use devices that have cybersecurity certificates, practice good password hygiene and keep serial numbers, IP addresses and other sensitive information to yourself. It’s also a good idea to find a cybersecurity solution with dedicated protection for corporate/industrial endpoints and network monitoring to prevent malicious activity.
AI Identifies Passwords by “Listening” to Keystrokes
New research suggests artificial intelligence (AI) can work out which keys are being pressed by eavesdropping on the sound of the typing. Study results reveal that AI can accurately assign the correct key to a sound 95% of the time when the recording was made over a phone call, and 93% of the time when the recording was made over a Zoom call. While there’s no evidence that cybercriminals have used AI eavesdropping to crack passwords, researchers believe that laptops, with their similar keyboards and popularity in public spaces, could be at risk. According to The Guardian, experts recommend activating multi-factor authentication and avoiding typing sensitive messages on a keyboard in Zoom calls.
Jack’s Top Monthly Hacks
For Businesses:
Protect Your Small Business: Cybersecurity Tips for Remote Work in 2023
The landscape of business has evolved dramatically, and in 2023, remote work has become the norm for many small businesses. While this shift offers flexibility and cost-saving benefits, it also opens the door to increased cybersecurity risks. As a small business with remote workers, it’s essential to prioritize cybersecurity to protect your data and operations. Here are some things to consider:
Embrace Zero Trust Security
Implement a Zero Trust Security model that assumes no one inside or outside your network can be trusted by default. This approach ensures continuous authentication and verification of all users and devices.
Keep Software and Systems Updated
Cybercriminals exploit known vulnerabilities in outdated software. Ensure all operating systems, applications, and security software are regularly updated to the latest versions to patch security holes.
Use Strong, Multi-Factor Authentication (MFA)
Require remote workers to use strong, unique passwords and enable MFA wherever possible. This extra layer of security is essential.
Educate Your Team
Invest in cybersecurity training for your remote workers. Teach them to recognize phishing attempts, suspicious links, and social engineering tactics that cybercriminals use to gain access to sensitive information.
Implement Endpoint Security
Utilize advanced endpoint security solutions that protect devices used for remote work. These tools can detect and respond to threats in real-time, even on remote devices.
Secure Wi-Fi Networks
Require remote workers to use secure Wi-Fi networks and to avoid public or unsecured networks when handling sensitive data. Consider providing a virtual private network (VPN) for added security.
Regularly Back Up Data
Critical business data should be regularly backed up to secure, offsite locations. In the event of a cyberattack or data loss, having up-to-date backups can be a lifesaver.
Develop an Incident Response Plan
Create a comprehensive incident response plan that outlines steps to take in case of a cybersecurity breach. Time is of the essence in mitigating damage during an attack.
Stay Informed About Emerging Threats
Stay informed about the latest cybersecurity trends and threats relevant to your industry to adapt your defenses accordingly.
Consider Cyber Insurance
Cyber insurance can provide financial protection in the event of a cyberattack. BOXX offers policies tailored to your small business’s needs.
For Individuals:
Apple Users: Update Your Phones. Now.
For the second time in as many months, Apple released urgent security updates for iPhones, iPads, Macs, Apple Watch, and Safari users to patch against three vulnerabilities that Apple says are being actively exploited. In early September, Citizen Lab discovered a new malware attack, fittingly named Blastpass. It uses Pegasus spyware from NSO Group to read a victim’s text messages, view their photos and eavesdrop on phone calls, all without any interaction from the victim. Instead, phones are infected via Apple’s PassKit. It basically blasts past a target’s defenses. The most recent vulnerabilities exploit a flaw in WebKit, the browser engine that powers Safari, to get broader access to the core of the operating system. This cyberattack utilizes Predator spyware that can steal the contents of a person’s phone when planted.
Many iPhone users operate under the false assumption that they’re not as vulnerable to bugs and cyberattacks as Android users. However, while Android users have the autonomy to lock down their own devices, Apple users rely on Apple. Basically, iPhone users MUST run every security update that Apple releases. Complacency will cost you. In addition to being vigilant about security updates, here are a few other ways to protect yourself:
Protect your passcode
Use Touch or Face ID when out in public and if you must type a passcode, cover your screen. Practice good password hygiene and make sure your password is difficult to guess. And while we’re on the topic, never store passwords on your device. Use a password manager to help you keep track, or even better…
Set up multi-factor authentication (MFA)
MFA combines different types of security items requiring users to provide complex pieces of evidence from various sources to confirm their identity. It’s superior to two-factor authentication that can rely on SMS text messages for confirmation—especially if your phone’s been stolen. If a criminal has your phone, that backup text can compromise you further.
Disable Lock Screen Notifications
The less you share, the more secure you are. Preventing notifications from appearing when your screen is locked keeps potentially sensitive information safe from prying eyes.
Enable Find My iPhone and Activation Lock features
The Find My iPhone and Activation Lock features lock down your personal information if your phone is lost or stolen. This additional layer of protection requires your Apple ID and password to activate or disable your device. And you can track a thief or figure out which coffee shop bathroom you may have left it in.