27 Oct Security Breach – 27 Oct 2023
IT professionals play a critical role in ensuring the security of the vast digital landscapes that power our world. Cyber threats are constantly evolving, and IT professionals must continually adapt. Part of that adaptation strategy includes maintaining good security habits to protect their organisations and systems. While developing security policies and instituting training requirements is critical for making sure users practise good security hygiene, it’s even more important to ensure that IT professionals do too. Cybersecurity Awareness Month is a good time for IT professionals to take a look at best practises, tools and strategies that can set them up for success.
IT professionals are driving the ship when it comes to security, performing a mission-critical role for their clients. The consequences of security breaches can be devastating, resulting in financial losses, reputational damage and even legal consequences. IT providers must approach security hygiene with the mindset that their vigilance and expertise can make all the difference in preventing cyberattacks. Unfortunately, people outside the IT team can make the IT team’s job much harder, especially if they don’t understand their security responsibilities.
Recent Breaches
Taiwan – D-Link – Network Hardware Manufacturer
Exploit: Hacking
Risk to Business: Moderate: D-Link, a leading manufacturer of routers, has experienced a data breach. The company claims that the data was not from the cloud but likely originated from an old D-View 6 system. D-Link said that the data was used for registrations in 2015. D-Link was involved in another data breach incident just two weeks ago after bad actors posted samples of the source code for D-Link’s D-View network management software on a dark web forum.
United States – Quality Service Installation (QSI) – Bank Equipment Company
Exploit: Ransomware
Risk to Business: Severe: The busy ALPHV/BlackCat ransomware group has also claimed responsibility for a ransomware attack on banking equipment provider Quality Service Installation (QSI). The company is a major supplier of NCR cash handling solutions including ATMs. The group says that it stole a wide variety of data including financial, client, personal and product-related data from the QSI INC cyberattack. They also claimed that they nabbed SQL base data amounting to 5TB in the October 14 incident.
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
27/10/2023
Related Articles:
Cybersecurity Mistakes of Small Business
How to Improve Security Without Sacrificing Convenience?