22 Nov Security Breach – 22 Nov 2024
With the holiday season right around the corner, cybercriminals will be chomping at the bit to take advantage of the increase in employee distractions at this time of the year. From phishing scams disguised as holiday promotions to unwanted gifts of ransomware attacks, businesses face higher risks than ever this holiday season. Organisations need to bolster their defenses and act proactively to mitigate risk before unwanted cyberthreats arrive at their doorstep.
Companies experiencing a surge in cyberattacks on weekends, nights and holidays isn’t a myth — it’s an established fact, and smart companies know it is critical to be prepared. Cybercriminals never take a day off. Cyberattacks balloon by an estimated 40% during the holidays as cybercriminals take advantage of skeleton staffing and harried, multitasking employees who may be more prone to mistakes. As in every season, the biggest cyber-risk factor is employees. With phishing especially prevalent during the holiday season, a deluge of holiday phishing, from email phishing to malvertising, brings increased risk in its wake. If it continues in its usual pattern, phishing will rise steadily, hitting a peak increase of 50% over the yearly average in December.
Recent Breaches
United States – Amazon – Retail
Exploit: Zero Day Exploit
Risk to Business: Severe: Another round of victims of 2023’s epic MOVEit hack has come to light, and some of them are very big fish. A hacker going by the name “Nam3L3ss” claimed in a post on a dark web leak site that they had exploited the MOVEit zero-day vulnerability, also known as CVE-2023–34362. The threat actor claims to have snatched data from 25 major organisations. Topping the list is Amazon, with the hacker boasting of obtaining 2,861,111 records largely containing employee data. Amazon was quick to reassure the public that Amazon and AWS are secure, claiming that the breach occurred at a third-party property-management vendor. The hacker also released datasets containing hundreds of thousands of records from major companies that purportedly contain data labeled as belonging to MetLife Cardinal Health, HSBC, Fidelity, US Bank, Delta and HP.
United States – T-Mobile – Telecommunications
Exploit: Hacking (Nation-State)
Risk to Business: Extreme: A Chinese state-aligned threat actor dubbed Salt Typhoon, also known as UNC2286 has breached T-Mobile’s network as part of a widespread cyber-espionage campaign targeting U.S. and international telecommunications companies. The operation, which lasted over eight months, accessed sensitive systems, potentially compromising national security by intercepting call logs, unencrypted texts, and audio from high-value targets, including senior U.S. government officials and politicians. According to The Wall Street Journal, the group employed advanced tactics, including infiltrating Cisco Systems routers and leveraging AI and machine learning for their espionage. The U.S. Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said that they expect their understanding of the extent of the compromises to grow as the investigation continues. This is a developing story.
Talk to a TCT team member today about implementing cyber security plan for your business.
Robert Brown
22/11/2024
Related Articles:
Challenges of Data Lifecycle Management
Safeguarding Gadgets While Traveling