Current Malware and Security Breaches and How to Defend Against Them

SHARE

Successful military leaders know their enemies and the threats they present. This allows them to mount the right defense. Wise business leaders use the same tactic. Understanding current malware and security breaches that dominate the threat environment informs security strategy.

Cyber attacks in the news in the first half of 2022 show ransomware on the rise again. Additionally, hacker gangs have abused weak cyber security postures, exploiting insider threats and social engineering to gain network access. In many cases, basic security practices, including strong security awareness training programs, would have thwarted the attacks.

Ransomware on the Rise

After a decline in ransomware in 2021, ransomware attacks have begun to rise again. In fact, the first quarter of 2022 saw twice as many ransomware attacks as reported in the entire previous year. While high profile attacks on Colonial Pipeline, Apple and JBS gathered attention in 2021, hackers seem to be turning their focus to small and midsize businesses (SMBs).

Experts suspect a couple of reasons for this shift. In the first place, SMBs tend to invest significantly less on cyber security than large enterprises, making them easier targets. Also, attacking smaller organizations allows hackers to fly under the radar more effectively.

RansomHouse Gang Takes Advantage of Bad Passwords

Recently, the RansomHouse gang announced that it had stolen 450 GB of sensitive data from semiconductor giant AMD. RansomHouse seems to have appeared on the scene near the end of 2021, previously hijacking targets in Africa and Canada. In this instance, the gang mocks poor passwords at AMD that effectively left a door wide open for bad actors.

“Even technology giants like AMD use simple passwords to protect their networks,” wrote RansomHouse. The post revealed that AMD employees used well known passwords such as “123456” and “password.”

Due to the amount of valuable data RansomHouse claims to have acquired, they have not demanded a ransom from AMD. Instead, they have determined that selling the data on the black market will prove more lucrative.

Current-Malware-and-Security-Breaches-and-How-to-Defend-Against-Them_2-with-logo

Lapsus$ Hacker Group Exploits Insider Threats

Another hacker group, Lapsus$, has also carried out significant attacks this spring. Using social engineering, the group exploits insider threats to gain entrance to its victim organizations. In the case of Microsoft, for instance, they took over a single account, then compromised several key projects. Fortunately, customer data remained safe.

Authentication company Okta also fell prey to the group. In March, Lapsus$ compromised a vendor that provided support for Okta. By accessing the account of a support engineer, hackers exploited a connection to Okta’s environment.

Okta maintains that its zero trust procedures prevented Lapsus$ from fully taking over the compromised account. However, the company has had to work hard to reestablish trust with its customers, which include JetBlue, T-Mobile and Albertsons.

Top Malware Threats Employ Social Engineering

Social engineering features prominently in lists of top malware threats published by security experts this spring. For instance, the Shlayer virus continues to plague organizations by using malvertisements (malicious advertisements) to spread malware. Clicking the fake ads, often for Adobe Flash Player updates, leads victims to unwittingly install malicious code.

Similarly, hackers send emails regarding an “urgent Windows OS update” that users must install. The supposed update actually installs ransomware instead. Other attacks reference current news, such as ongoing COVID concerns, to tempt readers to click a link.

Current Malware and Security Breaches and How to Defend Against Them

Thwart Malware and Security Breaches with Essential Security Practices

By implementing essential security practices, organizations can guard against most of these threats. Specifically, critical practices include updating password policies and deploying multi-factor authentication (MFA), as well as strengthening email filters. Additionally, organizations guard against social engineering by increasing security awareness among all employees.

eMazzanti delivers the security tools necessary, from email defense to MFA, employee training, 24/7 network monitoring, and more.

Download Article PDF

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | OCT. 16

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories