03 Jul Security Breach – 3 July 2020
Sophisticated cyberattack risks are growing throughout the world, and the attacker isn’t always just a group of opportunistic cybercriminals. A recent explosion of cyberattacks against targets in Australia has been reported to be linked to potentially malicious state-sponsored actors, creating a new level of worry for cybersecurity architects.
Ransomware has become an even greater menace for Australian companies. Government officials have warned that ransomware that is delivered through spear phishing attacks is suspected to be part of the overall larger attack picture in this wave of attacks. Therefore, it’s clear that frequent, high-quality phishing defence and resistance training is essential to protect a company from ransomware attacks.
Ransomware is devastating to any business, as was recently demonstrated by two incidents at Australian drinks conglomerate Lion. Systems at the beverage company have been infected twice in the last month alone, freezing essential production and operations technology just as it began to ramp up its post-pandemic production.
Updating a company’s cybersecurity to boost ransomware defence should always include upgrading phishing resistance training. Dark Web monitoring is a great place to start when constructing a strong cybersecurity defence, but every building block in that defence is important – and improved phishing resistance with BullPhish ID is an easy and affordable service to add.
United States – Twitter – Social Media Platform
Exploit: Accidental Data Sharing
Risk to Small Business: Moderate: Twitter sent a notification to business clients last week acknowledging a data breach that exposed the personal and billing information of some users. The breach occurred due to an issue that led to some users’ sensitive information being stored in the browser’s cache. Twitter explained that it recently became aware of this issue. Business users were warned that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter your account’s billing information may be at risk.
Risk to Exploited Individuals: Moderate: Twitter did not release an estimate of the accounts affected, but it did specify that only business customers were at risk, and only a percentage of business customers had any details exposed. The leaked information potentially included email addresses, users’ contact numbers, and the last four digits of credit card numbers used for Ads accounts. Twitter business customers should monitor potentially affected payment accounts.
Customers Impacted: Unknown
Australia – Chem Pack – Liquid Chemical Formulation Manufacturer
Risk to Small Business: Severe: As a barrage of cyberattacks continues to affect companies in Australia, Chem Pack has been caught in a ransomware attack. Cybercriminals using REvil ransomware have compromised and encrypted data at the Melbourne-based manufacturer. REvil ransomware exploits a known 2018 Windows vulnerability to elevate account privileges, enabling these bad actors to strike. The attackers claim to have exfiltrated financial information, personal information, and other essential business data, and recently posted a screenshot of a sample of the data on a Dark Web forum. Typically, this group posts a screenshot as proof that they’ve encrypted the affected data and asks the victim to contact them to negotiate a ransom for the key to unlock it.
Risk to Exploited Individuals: No individual data was reported as compromised.
Customers Impacted: Unknown
Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.
Protect your data, privacy and reputation, talk to a TCT sales team member today.
Follow us on LinkedIn: