Across the United States, school buses are rumbling on their routes, campus playgrounds are full of excited and clambering children, and families are back from refreshing vacations, having pushed normal routines aside, which may include keeping up with the latest cybersecurity threats, in favor of outdoor recreation, picnics and resting in the summer sun.
Back-to-school and back-to-work means it’s time for a reality check
Cybersecurity incidents don’t stop simply because we aren’t paying attention and have ‘gone fishing’ so to speak. Experts say that staying on top of cybersecurity trends and news is one of the best – and cheapest – defenses. So, now that everyone is settling back into the routine and rhythm of regularity, it’s time to get up to speed on the cybersecurity news you may have missed over the summer.
“If you know what is going on, which verticals are being targeted, and what new tools and trends that hackers are exploiting, then you can better protect your own organization,” says Jay Randall, a cybersecurity expert in Las Vegas. “We see a lot of clients who get caught up in a summer vacation mentality and miss things they wouldn’t other times of year. I always remind them that one of the best cyber defenses is Twitter, meaning I encourage scrolling through newsfeeds and networking on social media to find out what cyberthreats are lurking.”
Randall adds, “Ironically, though, Twitter was hit with a breach this summer, too.”
Lessons can be learned from every cybersecurity incident
To keep SmarterMSP readers up to speed, we put together a run-down of some of the top cybersecurity headlines you might have missed during the summer months and, in some cases, the lessons that can be learned from them. The headlines were numerous, too numerous to include here, but these are ones that caught the attention of cybersecurity experts and MSP owners.
JUNE
- The city of Portland, Oregon lost $1.4 million in a cybersecurity breach. An unknown cybercriminal unit diverted a payment meant for a city entity by gaining unauthorized access to the Portland Housing Bureau’s email account. The money was destined for an affordable housing development but was diverted to cybercriminals who walked away with a handsome payday. The money was never recovered.
- In New Jersey, a ransomware attack disabled a school district’s computer system, which affected Tenafly Public Schools and The Bergen County school district. The latter had to cancel final exams for all high school students. While students may have cheered the news, the school system was left hobbled by the attack. The district’s technology department took several steps, including isolating devices, turning off the networks, and hiring cybersecurity experts to carry out an investigation, but it still caused a massive disruption. “This end-of-school-year attack should serve as a warning in the new school year that education is a favored target of hackers,” advises Randall.
- A message about a “Father’s Day free beer” opportunity went viral on WhatsApp. Of course, there was no free beer, the message instead included an embedded link, containing a malicious script. WhatsApp reminded users to follow safety best practices when using its services. The WhatsApp incident is a lesson to heed year-round, centering on holidays and “special days.” With “special days” like the whimsical “Talk like a Pirate Day” on Sept. 19 and Halloween in October, be on guard for frivolous, fun-sounding memes, messages, and emails that may try to prey on complacency.
- In mid-June, there was a massive data breach that affected 69,589 people. The victims were patients of the Washington Kaiser Foundation Health Plan. The breach exposed patients’ first and last names, medical record numbers, dates of service, etc. Kaiser stopped the unauthorized access and initiated an investigation to identify the threat factors. The takeaway is that PHI is still coveted by hackers and remains the most valuable data for hackers to peddle on the dark web.
JULY
- Twitter suffered a data breach after threat actors used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million accounts. The data is now up for sale on a hacker forum for $30,000, according to a threat actor known as ‘devil’. The data breach exploited a loophole in Twitter’s security that allowed any party without any authentication to obtain a Twitter ID (which is almost equal to getting the username of an account) of any user by submitting a phone number or email even though the user has prohibited this action in the privacy settings, according to reports. The loophole has been closed.
- LinkedIn is the most faked brand for when it comes to phishing attacks. In the second quarter of 2022, 45 percent of all phishing attempts come from faked LinkedIn phishing attempts.
- Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack’s precision and the speed of moving from initial access to the final stage of encrypting devices. This is the last attack from the Conti ransomware operation before the group transitioned to a different form of organization that relies on multiple cells working with other gangs.
AUGUST
- Hanesbrands estimates it lost $100 million in sales this summer after suffering a ransomware attack. And while the attack happened in May, the incident didn’t make the headlines until August when the company revealed in an earnings report that the incident prevented it from fulfilling product orders for three weeks. This stymied its ability to purchase new supplies, ship orders, and process payments for brands including Hanes, Champion, and Playtex. The attack was specifically a supply chain attack affecting the company’s global supply chain network. It remains unclear who was responsible for the incident, but the attack highlighted the vulnerability of supply chain breaches, and $100 million in lost sales is a steep price to pay for a breach.
- On August 17, Fremont County, Colorado government offices suffered a ransomware attack that shut down government services for three days. Even by month’s end the county was still suffering the after-effects, slowing public-facing services. The takeaway is that government remains a target for cybercriminals.
- On August 26, the New Hampshire State Lottery suffered an attack forcing it take down its website.Officials said people visiting the site should not click on any pop-up messages.
Staying on top of news is crucial for MSPs, Randall says, to better serve clients. “That’s how you learn what is going on, don’t slip into a bubble and that is easy to do in the day-to-day tasks of servicing clients,” Randall explains, adding that summer headlines point to education, government, and healthcare continuing to be favored targets for attack heading into the fall.
Photo: PabloLagarto / Shutterstock
Great article. Very informative with all of the examples of recent security incidents.
Excellent review of what has been happening. Schools have been identified as being a very hot target currently, so high alert for those working with primary education institutions.
This stuff is getting really old.
A very good snapshot of security incidents across the board. It really demonstrates that these criminals do not give preferential treatment in who they target and care less on how they might harm people.
This is not one and done, people need to keep up on this even if it’s a reminder to be aware. Nag screens don’t work but we don’t want someone we know to be that GUY that gets compromised
Great use of examples here. Thank you
Nice article! Thanks!
Informative examples for sure. I think all MSPs are focusing hard on security right now.