Coveware issued its Q1 2021 Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues to be prevalent and we have reached an inflection point where the vast majority of ransomware attacks now include the theft of corporate data.”

The Report states that the average ransom payment increased 43 percent from $154,108 in Q4 2020 to $220,000 in Q1 2021, and the median payment in Q1 2021 increased from $49,450 to $78,398, a 58 percent increase. According to Coveware, CloP was “extremely active” in Q1 2021.

Seventy-seven percent of all threats included the threat to leak exfiltrated data, which was an increase of 10 percent from Q4 2020. Sodinokibi continued to dominate the market share as a ransom type at 14.2 percent, followed by Conti V2, Lockbit, CloP, Egregor, Avaddon, Ryuk, Darkside, Suncrypt, Netwalker, and Phobos. Of these, Egregor has sunset its operations, and Netwalker was dismantled by law enforcement.

The top vectors for attacks included remote desktop protocol compromise, “phishing emails that install credential stealing malware,” software vulnerability, and vulnerabilities in VPN appliances.

Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of approximately 72,000 residents collected for the Department of Health’s (DoH) contact tracing program.

According to the DoH, employees of the vendor created documents containing personal information online and did not secure them properly, allowing the information to be accessible. It is unknown whether any of the personal information was viewed by an unauthorized individual.

Following the incident, several state lawmakers started working on data privacy and security legislation to address the concerns of disclosing personal information to vendors.

In Gates v. Eagle Family Foods in the Northern District of Illinois, Gregory Gates, a former sanitation and assembly line employee, alleges that Eagle Foods collected and retained his handprints without consent as part of his timekeeping requirements while he worked at the Waukegan facility in 2016 and 2018.

Eagle Family Foods (Eagle Foods) says the Illinois Biometric Privacy Act (BIPA) does not apply to Gates’s claims of improper handprint collection because he is a former employee. Of course, Gates’s counsel argues that BIPA would apply even if Gates were a third-party worker not directly employed by Eagle.

Eagle Foods also argues that it did not “actively collect” Gates’s handprints, which it maintains is a requirement for there to be a violation under BIPA. Again, however, Gates’s counsel contends that Eagle Foods is liable under BIPA because it collected Gates’s biometric information in violation of the statute, stating, “Nothing in BIPA suggests that only entities that ‘actively’ collect biometric identifiers and/or biometric information directly from individuals are obligated to comply.”

Gates also pushed back against Eagle Foods’ claim that he did not adequately allege BIPA; Gates argues that his complaint asserts that Eagle Foods captured, collected, and stored his biometric information “no fewer than a dozen times.”

Calling all Thin Mints fans! Girl Scout Thin Mints cookies can now be delivered right to your doorstep – by drone… IF you live in Christiansburg, Virginia. The town has been a testing arena for commercial drone delivery by Wing (a subsidiary of Alphabet, Google’s parent company). Before Girl Scout Thin Mints, starting in 2019, drugstore products, FedEx packages, local pastries, tacos, and cold brew coffees have been delivered by drone to residents of this community.

During the pandemic, Wing and the Girl Scout troops started discussing the lower number of cookie sales, due to the low percentage of the public visiting storefronts. That discussion led to an entirely new format for selling cookies. One young Girl Scout of Virginia Skyline Troop 224 said, “I’m excited that I get to be a part of history. People are going to realize and be, like, ‘Hey, this is better for the environment and I can just walk outside in my pajamas and get cookies.’”

Wing’s drones are able to autonomously navigate, powered by two forward propellers on their wings and 12 smaller vertical propellers. When one of these drones reaches its destination, it hovers above as a tether releases, dropping the package.

This is yet another attempt at bridging the gap between drone capabilities and negative public perception of drones. After all, Thin Mints can be a pretty persuasive tool.

This week, Kroger and Drone Express announced a pilot program offering grocery delivery by autonomous drones.

Jody Kalmbach, Vice President of Product Experience, said, “Kroger’s new drone delivery pilot is part of the evolution of our rapidly growing and innovative e-commerce business which includes pickup, delivery, and ship and reached more than $10 billion in sales in 2020. The pilot reinforces the importance of flexibility and immediacy to customers, powered by modern, cost-effective, and efficient last-mile solutions. We’re excited to test drone delivery and gain insights that will inform expansion plans as well as future customer solutions.”

So how will it work? Well, Kroger customers will have great flexibility on where their grocery order can be delivered. While many of us have scheduled a grocery delivery to our homes, this drone program will allow customers to choose delivery to a park, a beach, or any location where their smartphone is located. Using the site, customers can have their groceries as soon as 15 minutes from when the request is made.

Drone Express will conduct these test flights near the Kroger Marketplace in Centerville, Ohio. The flights will be carried out by licensed Drone Express pilots from an on-site trailer, with additional off-site monitoring. A second pilot program through Drone Express is set to launch this summer at a Ralphs grocery store in California.

Autonomous drones have the potential to improve everyday life, and the technology can provide safe and environmentally-friendly deliveries. It is only a matter of time before drone delivery is as commonplace as the smartphones we hold in our hands.

If you are on top of updating your iPhone patches when a new operating system is released by Apple, you probably updated your iOS to version 14.5 when Apple released it last week. However, even if you did update last week, it is important to update again this week to iOS 14.5.1, which Apple released on Monday. If you didn’t update to 14.5 last week, that’s even more reason to update to 14.5.1 now.

iOS 14.5.1 specifically addresses security vulnerabilities that Apple has stated could give hackers the ability to execute arbitrary code on users’ phones. Apple says that because it is aware that the vulnerabilities are being exploited by hackers, it issued the patch. It is urging users to update to 14.5.1 as soon as possible to avoid becoming a victim.

It is always important to update software when a manufacturer releases a new version, so any vulnerabilities can be patched. That is the most important part of updating the software, even though you might also get some new features. Updating to iOS 14.5.1 is easy. Plug in your phone, go to settings, then to the General tab, then to the software update tab and select download and install. The same can be done for your iPad. I updated mine last night, and you may wish to consider doing the same.

Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New Hampshire, is notifying customers that their personal information was compromised on an unsecured cloud server.

The personal information that was compromised includes names, addresses, telephone numbers, Social Security numbers, service addresses, and account numbers. The notification letter states that on March 16, 2021, Eversource discovered that the “[c]ompany cloud storage site had been misconfigured so that its files could have been publicly accessed.” It is reported that the files contained in the misconfigured folder, created in 2019, were unencrypted and included the personal information of some 11,000 Massachusetts customers.

The company “made enhancements to its system security and procedures.” Eversource is offering identity theft monitoring for affected individuals for one year.

The Associated Press has reported that the Metropolitan Washington, D.C. police department has been the victim of a hacking incident for which the Russian-based ransomware group Babuk is claiming responsibility. According to the department, the FBI is investigating the incident.

It is reported that the department’s police operations were not affected. Babuk claims that it stole sensitive data from the department. Some of the department’s data were being leaked on the internet this week, including lists of arrests and persons of interest to the department. Babuk alleges on its dark web site that it has downloaded 250 gigabytes of data from the department.

This week Adobe Inc. released some updated software for companies to target customers with advertising and offers using the brands’ own data as opposed to third-party cookies. More and more, third-party cookies are being eliminated from websites due to consumer concerns regarding unwanted tracking across the internet. Many web browsers already block third-party cookies, and soon even Google Chrome will block them. The new Adobe platform, Real-time Customer Data, will let its customers ask consumers for permission to use their information. With this new software, a consumer will likely see clearer information about how a website uses their data and why they are being shown certain personalized experiences.

Another reason the traditional third-party tracking cookies are on their way out is that companies that collect large volumes of data through their own services (i.e., Facebook or Google) do not typically share that data with others who want to use it for their own advertising purposes. Over half of the customers Adobe surveyed about their data use said that they often do not know the type of data collected and stored in disparate systems. The software will use first-party data to get a more complete profile about consumers. It also will allow different companies to share certain non-sensitive data to personalize the products they pitch.

The downside to this software may be that it is more complex than just allowing third-party cookies to collect data and then simply purchasing that data. However, this is a step towards stronger privacy protections for consumers.

This week, the New York State Department of Financial Services (NYDFS) issued the Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response. The Report begins with the statement that “The next great financial crisis could come from a cyber-attack,” and goes on to describe how the SolarWinds attack affected financial institutions and NYDFS’s response assisting financial institutions in its aftermath.

The Report states that “the SolarWinds Attack is, to date, the most visible, widespread, and intrusive information technology (“IT”) software supply chain attack – i.e., a cyber-attack that corrupts IT software and uses that software as an attack vector. Supply chain attacks are dangerous because the malware is embedded inside a legitimate product, and because supply chain attacks can allow an attacker to access the networks of many organizations in a single stroke.”

For this reason, the Report further notes that “this attack confirms the importance of vigorous third party risk management, which starts with a thorough assessment of an organization’s third party risk. Third party risk management is a key part of DFS’s Cybersecurity Regulation, and the Department is exploring ways to further address this critical component of cybersecurity.”

The Report also addresses the lack of transparency in information sharing regarding cybersecurity attacks and indicates that NYDFS is interested in improving information sharing and transparency among its regulated covered entities.

The Report summarizes the background facts of the SolarWinds attack, remediation efforts taken by companies affected by the attack, recommendations to strengthen cybersecurity practices, and measures taken to respond to the attack.