Archives: Cybersecurity

Subscribe to Cybersecurity RSS Feed

Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion

Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019. That figure is based on historical cybercrime figures. It is estimated that the cost of ransomware to businesses will … Continue Reading

Frequency and Cost of Insider Threats Continue to Increase

The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the third consecutive report that studies insider threats and their impact on businesses in terms of frequency, cost and … Continue Reading

Industrial Control Systems at Risk from Targeted Snake Malware

Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing sites, and electrical and power grids. Although there have been a few successful attacks against ICS in the past, including the destruction of a … Continue Reading

Cyber Criminals Using Coronavirus Concern to Assist with Intrusions

Concern over the spreading coronavirus from China is legitimate and real. The World Health Organization (WHO) has declared the coronavirus a global health emergency, and the United States and other countries are limiting travel of individuals from the affected areas in China. As we have seen with other public concerns, cyber criminals and threat actors … Continue Reading

Ransomware Attacks More Frequent and Recovery Efforts Extended in 2020

A new report published by Coveware concludes that companies hit with ransomware attacks spend an average of 16 days recovering from the attack. Think about being offline and unable to do business for 16 business days. It is extremely disruptive and costly. It takes larger organizations longer to recover than smaller ones, and larger organizations … Continue Reading

Crime-as-a-Service Targets Popular Platforms

It’s getting difficult to keep up with the jargon of all of the new digital scams. The SaaSes in the beginning became regular business terms, such as Software-as-a-Service (SaaS), and Business Processes-as-a-Service (BPaaS). But then the criminal enterprises came up with Malware-as-a-Service (MaaS), Ransomware-as-a-Service (RaaS) and now Crime-as-a-Service (CaaS). A new Crime-as-a-Service offering is targeting … Continue Reading

NIST Releases Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management

The National Institute of Standards and Technology (NIST) released its first privacy framework tool  (the Privacy Framework) on January 16, 2020. In the Executive Summary, NIST states that with the unprecedented flow of data of individuals through a complex digital ecosystem, individuals may not be able to understand the potential consequences for their privacy as they … Continue Reading

FBI Warns of Retaliatory Cyber-Attack from Iran

The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of Homeland Security (DHS). The FBI and DHS issued a bulletin to law enforcement groups warning of potential physical and cyber-attacks … Continue Reading

Health Information Sharing and Analysis Center Warns Health Systems to Be Wary of Iranian Cyber-Attacks

Following the escalation of tensions between the United States and Iran in the past week, the Health Information Sharing and Analysis Center (H-ISAC) is warning hospitals and health systems that Iran could attack health organizations, which are considered critical infrastructure, and that they make sure their systems are being updated with patches. H-ISAC further recommended … Continue Reading

Department of Homeland Security Warns of Cyber-Attacks by Iran

The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani. The bulletin explains that Iran’s previous plots against the … Continue Reading

New York DFS Issues Risk Alert Concerning Possible Iran Cyber-Attacks

In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter to all regulated entities regarding the need for heightened cybersecurity precautions. The letter notes that it “is particularly concerning that Iran has a history of launching cyber-attacks against the U.S. and … Continue Reading

LifeLabs Pays Ransom to Retrieve Patient Data

It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer system that housed patient lab data. The hackers apparently compromised the system, exfiltrated data and demanded that the company pay … Continue Reading

Pensacola Hit with Cyber-Attack

Just hours after the shooting incident at the Pensacola Air Station last week, city officials in Pensacola discovered that the city was the victim of a ransomware attack. Many of the city’s computer systems were affected and were disconnected from the internet. City officials reported that all offices were open and that emergency services, including … Continue Reading

Louisiana State Government Systems Down Following Ryuk Ransomware Attack

Louisiana Governor John Bel Edwards activated the State’s cybersecurity team recently after several State offices’ computers started acting strangely. The IT team identified an intrusion of Ryuk ransomware and which programs were affected, and shut down computers to avoid spread of the infection. During the outage, some state offices had no access to email, internet … Continue Reading

Veterinary Network Hit with Ransomware

National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over 700 veterinary hospitals and clinics in the U.S., Canada, Australia, and New Zealand. NVA was reportedly hit with the Ryuk ransomware virus, … Continue Reading

Medicare Beneficiary Cards of 220,000 Individuals Compromised

The Centers for Medicare and Medicaid (CMS) has announced that approximately 220,000 Medicare beneficiaries’ card numbers have been compromised “by an unknown person or organization.” That means CMS doesn’t know who or how the cards were compromised. Although CMS says it is working to “remedy the situation,” in the meantime, it is checking billing systems … Continue Reading

2.2 Million GateHub and RuneScape Passwords Compromised

It has been reported by Troy Hunt, the security researcher who provides the “Have I Been Pwned” free breach notification service, that 1.4 million passwords and personal information of customers of GateHub, a cryptocurrency wallet service provider, and 800,000 customers of EpicBot gaming bot provider RuneScape are for sale on the web. According to Hunt, … Continue Reading

Beware of PureLocker Ransomware

Security researchers Intezer and IBM X-Force have identified a new ransomware that is seriously vicious. It’s PureLocker—named because it is programmed in PureBasic language, which is apparently unusual. The scary thing about this ransomware being written in PureBasic programming language is that it can target different platforms and is transferable between different operating systems, including … Continue Reading

Managed Service Providers Hit with Ransomware Attacks

Cyberliability insurance provider Beazley Insurance Company has analyzed its internal breach response data and determined that in its experience, there has been a thirty-seven percent (37%) increase in ransomware attacks this most recent quarter from the last quarter of 2019. Twenty-five percent (25%) of those incidents were against managed service providers (MSPs). An MSP assists … Continue Reading

Energy Sector’s Reliance on IoT Increases Cyber Vulnerabilities

CyberX recently released its 2020 Global IoT/ICS Risk Report (Report), which compiles survey questions and answers from 1,821 production networks of electric utilities, and oil and gas companies. Although the Report admitted that oil and gas companies and electric utilities tend to be ahead of the curve on cybersecurity compared to other sectors, they are … Continue Reading
LexBlog