Editor’s Note: This is your weekly cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions.
Beware of fake invoice attachments in email, the most common malware lure. Email continues to be the vehicle for the majority of malware distribution, with 88% delivered by email into targets’ inboxes, according to the latest findings in the HP-Bromium Threat Insights Report. In many cases, these emails bypassed gateway filters. “Ultimately, attackers are taking advantage of the fact that it’s normal to share and open documents by email,” observed Alex Holland, a senior malware analyst at HP, in a TechNewsWorld article.
HP’s findings indicate that “it took 8.8 days, on average, for threats to become known by hash to antivirus engines — giving hackers over a week’s head-start to further their campaigns.”
“Opportunistic cybercrime does not show any signs of slowing,” added Holland. “We have also seen threat actors continue to experiment with malware delivery techniques to improve their chances of establishing footholds into networks.”
A Toxic Stew: COVID-19 Vaccinations Pose Risks to Healthcare Data
Besides potential emails from cyber thieves, what else should individuals look out for? The rollout of COVID-19 vaccinations is another prime target for cybercriminals: individuals’ personal healthcare data is turning up and being sold on the Dark Web. In his Dark Reading article, Greg Foss, with VMware Security Business Unit, warns, “As the vaccine rolls out to the masses, and more personal data increases in value, we can expect cybercriminals to seize the opportunity to profit.” He recommends that healthcare organizations take the following precautions:
- Implement physical security controls and auditing around the vaccine storage solution.
- Educate healthcare staff on the various cybersecurity risks related to their job.
- Ensure the latest system and software patches are installed.
- Implement and enforce multifactor authentication for all Internet-accessible services.
- Log and monitor the usage of information systems, especially the access to sensitive data.
- Conduct regular risk assessments and perform proactive threat hunting.
- Use off-site data backup and test recovery periodically.
Cyber Thieves Target Small Businesses
More than one quarter of cyberattacks target small businesses. This, combined with the COVID-19 pandemic — including the latest scams around vaccine distribution — has created new opportunities for attackers, writes Security Magazine. What can small businesses do? Security Magazine offers these tips for organizations of all sizes:
- Shore up their networks against a wide variety of attack vectors.
- Establish additional visibility into attackers seeking to secure privileges and move laterally to further their attacks.
- Seed networks with deceptive credentials that trick intruders into exposing themselves.
- Put in place in-network protections capable of detecting lateral movement and privilege escalation to prevent these attacks.
- Understand the shared security model of the cloud.
“Making life difficult for attackers is one of the most effective tactics for defenders, and today’s cybersecurity tools make it easier for every small business to efficiently and safely protect their businesses,” states the author, Carolyn Crandall, chief deception officer and CMO at Attivo Networks.
Businesses aren’t the only targets for cyber threats. According to The Hill, the FBI believes that “K-12 institutions represent an opportunistic target to hackers, as many school districts lack the budget and expertise to dedicate to network integrity.”
How to Step Up Your Cybersecurity Game
In a recent survey, Business Matters reports that while doing business in a pandemic world, 92% of businesses of all sizes consider themselves at risk for cyber threats. It offers these recommendations for small businesses to spot and fix vulnerabilities:
- Risk Assessment. Take stock of where and how your data is stored and who can access it. Then, gauge how sensitive that data is. This will help you determine the risk levels of possible breaches – and how deeply they would impact your business. Once this is done, you can make sure that the most sensitive data has the highest levels of protection, and only a select few people have access.
- Employee Training. Many cyber security threats come from internal sources. To prevent this from happening, the most crucial thing is to increase your team members’ security awareness. Make sure to implement (and enforce) company policies around passwords, device encryption, installing updates, not using public Wi-Fi, harnessing VPN networks, and avoiding private memory devices.
- Backups & Recovery. For small companies in particular, ransomware is a considerable threat. If you’re ever targeted by a ransomware attack, having a comprehensive backup strategy will allow you to keep your operations up while you sort the issue out.
- Pentesting. Hire a cyber security expert to test your systems by attacking them. Then, they will be able to tell you exactly where your weaknesses are, and how to remedy them.
“Cybersecurity risk has never been greater, especially as everything is interconnected across a larger and ever-expanding digital environment,” states Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, in his recent Dark Reading article. Manky talks about the disruptive shift in cyberattacks of the past year, noting the three areas of disruption: core networks, home offices, and the supply chain. Fortinet, a Cyber Oregon sponsor, recently released its Global Threat Landscape Report.
Cyber Oregon partner blog post of interest: CrowdStrike: Security in Sweatpants: Embracing Remote Workers via Zero Trust