19 Nov Security Breach – 19 Nov 2020
Remote workers are a juicy targets for ransomware attacks!
The global pandemic has changed the way that we work, and that’s been good news for cybercriminals. Remote workers are a juicy target for ransomware attacks since they’re more likely to be drawn in by common lures and less likely to be up to date on current phishing scams. So how can you protect your business from ransomware while your staffers are still working remotely?
While we wish there was a magic bullet, the closest we’ve come is a magical solution: phishing resistance and security awareness training. Companies that engage in regular security awareness training that includes information about the latest phishing threats have up to 70% fewer cybersecurity incidents.
The biggest cybersecurity threat of 2020 is phishing, and ransomware almost always arrives on your doorstep paired up with a phishing email. More than 65% of ransomware is delivered through phishing, which has boomed during the global pandemic – Google reports that it’s measured phishing email as up by more than 600% in 2020.
Regular, easy-to-understand phishing training is essential for protecting your business from dangers like spear phishing attacks designed to deliver ransomware.
Total Computer Technology can develop a campaign that utilises BullPhish ID which delivers a phishing simulation test your staff, plus video training lessons to demonstrate today’s phishing lures, including COVID-19 bait.
Work with TCT to help protect your business from phishing-based cybersecurity disasters with simple, sensible tools like security awareness and phishing resistance training to transform your staff from cybercriminal targets to defensive assets.
United States – The North Face – Outdoor Apparel Retailer
Exploit: Credential Stuffing
Risk to Small Business: Severe: Hackers mounted a successful attack against outdoor retailer The North Face, capturing an unknown amount of client data in the process. While retail operations were not disrupted, the company has released a caution to customers about the incident.
Risk to Exploited Individuals: Moderate: The company noted that the breach includes “products you have purchased on our website, products you have saved to your ‘favorites,’ your billing address, your shipping address(es), your VIPeak customer loyalty point total, your email preferences, your first and last name, your birthday (if you saved it to your account), and your telephone number (if you saved it to your account)”. Payment information was stored separately and more securely and not impacted in this incident.
Customers Impacted: Unknown
Australia – Nexia Australia and New Zealand – Accounting Firm
Risk to Small Business: Severe: REvil ransomware strikes again, this time at major accounting firm Nexia. The company informed regulators of an attack on November 3, 2020. While the REvil gang had up until recently boasted of the score on its website, the information has since disappeared, leading to speculation that the ransom was paid. The firm has not confirmed what if any data was stolen, although the REvil group did confirm that it had data in its initial posting.
Risk to Exploited Individuals: No individual information was reported as impacted in this incident.
Customers Impacted: Unknown
Protect your data and systems by implementing a solid cybersecurity plan. Talk to a TCT team member today and we can show you how.
Follow us on LinkedIn: