Security Breach – 28 July 2023

cybercrime of all kinds experienced explosive growth

28 Jul Security Breach – 28 July 2023

Posted at 12:12h in Security Breach, TCT News by

Cyberattacks are something that every business has to worry about. Overall cyberattack rates climbed by 7% globally in Q1 2023, and when Q2’s data is tallied, that number is likely to be even bigger. While cyberattacks of all sorts are always a risk, some cyberattacks are trendier than others.

Ransomware attacks on big, public-facing service providers are a cybercriminal favorite, and they’ve been busy in 2023. Ransomware groups face increasing legal pressure around the world, spurring some cybercriminals to carefully plan strategic attacks to get maximum benefit for the risk.

Recent Breaches

 

United States – Estée Lauder – Beauty Company

Exploit: Ransomware

Risk to Business: Severe: Legendary beauty brand Estée Lauder has disclosed that it has been the victim of a cyberattack that has resulted in data loss after an unauthorized third party gained access to some of its systems. The company warns that this incident will have an impact on its consumer-facing operations as well as its business operations. In an interesting twist, two different cybercrime gangs are claiming to have conducted successful attacks on Estée Lauder at virtually the same time. Cl0p claims to have hit the company as part of its MOVEit exploit spree. BlackCat/Alphv claimed that they’d attacked separately, saying on July 18 that they still had access to the company’s systems. Estée Lauder is working with Microsoft and Mandiant to investigate and remediate the incident.  

United States – George County, Mississippi-Regional Government 

Exploit: Ransomware

Risk to Business: Extreme: George County, MS is undertaking recovery efforts after a ransomware attack over the weekend. County officials said the trouble began when a county employee received a phishing message that they needed to download an update but actually downloaded ransomware. The trouble began last Saturday night and continued into Sunday. The county admits that its three servers are encrypted. In an interview, an official said that a ransom note had been left behind by the attackers but did not name the gang or share the amount of the ransom demand. The U.S. Federal Bureau of Investigation and agencies from the State of Mississippi are assisting in the investigation.  

Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.

Robert Brown
28/7/2023

Related Articles:
Why is regular Cybersecurity Awareness training recommended?
The biggest vulnerabilities that Hackers are feasting on right now