26 Jan Security Breach – 26 Jan 2024
K-12 education has undergone huge technological change in the last few years. New technology has proven to be a catalyst for exploring new frontiers in education, giving teachers a wide array of tools to foster learning and providing students with the tools they need to thrive. However, this new technology also puts schools at risk of cyberattacks. Schools were the top target for ransomware attacks in 2023, and the pressure does not look like it will be relenting in 2024. The cyber landscape is constantly evolving, and procrastination can leave educational institutions vulnerable to malicious attacks.
The escalating cyberthreat landscape demands that schools adopt proactive measures to secure their digital environment. Implementing robust cybersecurity solutions, running ongoing security training for staff and students, and establishing comprehensive incident response plans are key steps toward ensuring the safety of educational institutions. By taking action now, at the beginning of the educational school year, schools will be able to reduce the risk of falling victim to phishing and ransomware attacks, prevent learning interruptions and ensure that they are taking a smart approach to safeguarding sensitive data.
United States – Microsoft – Software Company
Exploit: Password Spraying
Risk to Business: Moderate: Microsoft has disclosed that several of its corporate email accounts were breached by a Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12, 2024. Microsoft’s internal investigation concluded that the attack was conducted by a group of Russian threat actors associated with Nobelium/APT29 (sometimes known as Midnight Blizzard or Cozy Bear). The software titan said that the threat actors breached their systems in November 2023 by conducting a password spray attack to access a legacy non-production test tenant account. Microsoft says the hackers accessed a “small percentage” of Microsoft’s corporate email accounts for over a month including accounts tied to the company’s leadership team and employees in the cybersecurity and legal departments. The company speculates that the threat actors were looking for information about their own gang.
Taiwan – Foxsemicon – Semiconductor Manufacturer
Risk to Business: Severe: Major semiconductor manufacturer Foxsemicon has fallen victim to a ransomware attack by the LockBit ransomware group. The gang posted a notification on Foxsemicon’s website stating they had taken it over and stolen 5TB of the company’s client data. Foxsemicon did not disclose any information about the ransom demanded by the hackers. It also has not confirmed whether any personal information about its customers or employees was leaked. Foxsemicon is a subsidiary of electronics giant Foxconn.
Talk to a TCT team member today about implementing cyber security plan for your business.