Page 3 - Threat Intelligence 12-13-2019
P. 3
Perspective:
State of the
Marketplace
A major data center was hit with Ransomware this week, impacting the
operations of several of its clients. While only a fraction of their
clientele were affected, it should serve as a wakeup call for any
organization that has services or applications running offsite. On a
related note, both Amazon and Microsoft are in the news this week
about attacks or vulnerabilities in their systems. Ensure that your risk
assessment is kept up to date, and that your DR/BC plan can take into
account an outage of your hosted solutions.
Since 2013, scammers have stolen more than $26 Billion using business
email compromise (BEC) attacks. These are so effective because it is
the human that is the weak link in the attack chain. BEC attacks can
only be defeated by vigilant employees and processes in place designed
to enforce identity validation. Organizations with unenforced policies
(or none at all) will eventually learn a hard, expensive lesson.
While we are on the topic of people, a new survey has found that 49%
of workers modify an existing password when they are prompted for a
password change. This leads to weak and predictable passwords and a
higher chance that attackers can success in credential-stuffing attacks.
Where possible, have users utilize a password management tool so that
they can comfortably use complex passwords. Users should also check
to ensure that new passwords are not on known lists of compromised
passwords. They can do this easily at this site:
https://haveibeenpwned.com/Passwords
…and lastly, a new ransomware variant, has been discovered in
campaigns that force Windows machines to reboot into Safe Mode
before beginning the encryption process. This allows it to bypass
applications and security systems that need to operate with elevated
permissions, enabling it to encrypt protected files. Ensure that your 3
systems are properly protected.
~Stay Secure
www.accumepartners.com
