Colonial Pipeline attack updates, DoS in Q1, Core cybersecurity technology - SpinOne Digest

SpinOne News Digest, May 12 – Colonial Pipeline attack updates, DDoS in Q1, Core cybersecurity technology, and more

Welcome to the very first SpinOne news digest! Here you will find hand-picked news, updates, and useful insights on cybersecurity and data protection that you need to keep your business ahead and secure.

Colonial Pipeline Ransomware Attack: The Latest Updates

A logo sign outside of a Colonial Pipeline Company facility in Baltimore, Maryland.

In a nutshell

  • Colonial Pipeline, the largest gasoline pipeline operator in the U.S., was hit with a major ransomware attack on May 7.
  • The company's systems were completely shut down for four days as a safety measure, and operations were only partially restored on Tuesday, May 11.
  • This attack is already disturbing energy markets and disrupting gas and diesel supply to the East Coast.
  • The FBI confirmed the attack was executed by a group of Russian cybercriminals called DarkSide.
  • The White House came up with a security plan for utilities and their suppliers to respond to this event and to the existing problem of growing attacks on critical infrastructure.
  • The Colonial Pipeline hack raises a different set of issues, including government and industry debate over whether to pay the ransom demanded by hackers, but it is similar to SolarWinds in putting the U.S. on the defensive in the cyber realm at the level of national security.

Quote:

“The time of the outage is now approaching critical levels, and if it continues to remain down, we do expect an increase in East Coast gasoline and diesel prices.” 

Debnil Chowdhury, IHS Markit Executive Director. 

Read the full article.



Denial-of-Service Attacks in Q1 2021 Report

In a nutshell

  • Q1 2021 saw the appearance of two new botnets. One targets Linux devices, where cybercriminals exploit several critical vulnerabilities in programs installed on victim devices. They use infected devices to carry out DDoS attacks or mine cryptocurrency. Another botnet is focused on Android devices. It attacks mobile devices through a debug interface.
  • A VPN is no panacea, as it can also be vulnerable to amplification attacks. In Q1 2021, attackers went after Powerhouse VPN servers. The culprit turned out to be the Chameleon protocol, which guards against VPN blocking and listens on UDP port 20811.
  • In Q1, a new attack vector appeared in DCCP (Datagram Congestion Control Protocol), a transport protocol for regulating the network load when transmitting data in real time, such as video streaming.
  • An unusual DDoS vector was the subject of an FBI warning about the rise in attacks on emergency dispatch centers. TDoS (telephony denial-of-service) is not new, but it poses a severe threat to critical first-responder facilities.

Read the full article.

Global Cybersecurity Leaders Say They Feel Unprepared for Attack: Report

In a nutshell

  • CISOs are overworked and overwhelmed after a year in which the COVID-19 pandemic pushed more daily activities online, giving cybercriminals more targets for attack. 
  • Around 64 percent of CISOs said they believe they will face some form of cyberattack in the next 12 months.
  • Only 25 percent of security specialists reported that their boards were on the same page with them in terms of cybersecurity threats and resources.

Quote:

“The ‘good enough’ approach of the past 12 months will simply not work in the long term: with businesses unlikely to ever return to pre-pandemic working practices, the mandate to strengthen cybersecurity defenses has never been more pressing.”

Ryan Kalember, executive vice president of Cybersecurity Strategy for Proofpoint.

Read the full article.

CyberSec Statistics for 2019-2020: Investing in Core Cybersecurity Technology

In a nutshell

  • In Europe, the average annual cost inflicted by cybercrime for affected organizations in 2019 ranged from $8 million in Italy to $13 million in Germany. 
  • In the U.S., the average annual cost of cybercrime was over $27 million.
  • Financial Services became the most targeted industry in 2020, taking up more than 23% of the whole market. 
  • In the U.S., the cybersecurity market was valued at $156.5 billion in 2019, with more than half of the market focused on services over software and hardware. In 2027, the market is estimated to be worth $326.4 billion, a compound annual growth rate (CAGR) of 10%.

Read the full article.

Elevate Security and Cyentia Institute Study on Employee Cybersecurity Risk in the Workplace

In a nutshell

  • New findings on the state of human cybersecurity risk in the workforce reveal that traditional employee risk mitigation efforts such as security awareness training and phishing simulations have a limited impact on improving employees’ real-world cybersecurity practices. 
  • Individuals score better than groups. Training and simulation can have a limited effect on the risky behaviors of individual users, and there is no meaningful change in risk exposure at the organization level. 
  • Organizational hierarchy and demographics play a role. When measuring rank-and-file employees, managers and contractors, the employees were the most likely to click on phishing links, and those working toward the bottom of the org chart are more likely to have malware infections and fail simulated phishing tests.
  • Password managers correlate with reduced levels of human risk. Users with active password managers are 19 times less likely to download or execute malware than those without them.

Read the full article.
