Spring is the time of year when people start thinking about decluttering, cleaning, and readying themselves for the next season—spring cleaning. It's a tradition that dates back centuries, but it could also be applied to an organization's cybersecurity.
There’s never a bad time to reflect on how best to keep your organization safe, especially given that there seems to have been no shortage of malicious threats in April. Some of the world's biggest organizations were hit, so giving your data security a spring clean this month would be time well spent indeed.
Related Reading: How to Revamp Your Organization’s Cybersecurity Program
Stormous Targets Global Soft Drink Company
One of the world's best-known soft drinks (other cola-flavored drinks are available) faced a potential data loss incident in April. Stormous—a new Russia-based threat actor—began to sell data that supposedly belonged to the company.
161GB of the organization’s data was put on the dark web for sale to the highest bidder. Stormous has publicly declared its support for Russia’s invasion of Ukraine, so this may be some form of retaliation for US support of Ukraine. However, a previous Stormous attack on the company behind Fortnite was shown to be demanding a ransom for data that was already available.
This process, wherein threat actors ransom data they acquired from a third party, is known as scavenging. However, because it indicates weaknesses in an organization’s data security, it still requires full cybersecurity vigilance, and organizations must be mindful of a wide variety of threats in 2022.
Why not undertake a free health check to analyze the security and reliability of your GoAnywhere configuration?
Related Reading: Is Your Product Configuration Secure and Reliable?
Ransomware – The Threat That Never Stops
It feels like the ransomware threat has been and will be with us forever. It's such a variable threat, constantly mutating and evolving, that keeping protected from it is a significant cybersecurity challenge for many organizations.
Get the Guide: CISO Perspectives: Data Security Survey 2022
This was further demonstrated by a recent Federal Bureau of Investigation (FBI) TLP:WHITE flash alert. It revealed that the BlackCat ransomware gang (which also goes by the name of ALPHV), has breached the networks of at least 60 organizations worldwide between November 2021 and March 2022.
Throughout 2022, the FBI has been committed to revealing how ransomware gangs operate and who they are targeting, with dozens of US critical infrastructure organizations already breached. BlackCat’s ransomware executable is especially customizable, making it easy for cybercriminals to tailor attacks to target a broad range of different environments.
The FBI shared mitigation measures to help network defenders block BlackCat attacks and advised victims to report any incidents to their local FBI field office.
Related Reading: What is Ransomware-as-a-Service (RaaS)?
Does Your Workforce Have a Cybersecurity Skills Gap?
There are many entry points for a virus or attack. An organization can have the best cybersecurity solutions in the world, but if it hasn’t addressed its people and processes too, then it will remain vulnerable.
This was highlighted in global research by Fortinet, which revealed eight in 10 organizations have suffered at least one breach that can be attributed to a cybersecurity skills or awareness gap. There is a cybersecurity talent shortage that extends globally, but organizations can undoubtedly do more to ensure their current teams are up to speed and aware of the latest threats.
We offer free GoAnywhere product training and certifications that can bring your users fully up to speed – click here for more details.
Security Breaches Can Go Right to the Top
Cybersecurity is an issue that affects those at the top of an organization just as much as it does elsewhere. The UK government is the latest example of that.
According to the Canadian investigative group, The Citizen Lab, computer systems in both Downing Street and Foreign, Commonwealth & Development Office (FCDO) were suspected of having been infected with Pegasus spyware in 2020 and 2021. Pegasus allows governments to take control of people’s phones and extract data from them.
It should be pointed out that NSO Group, who owns Pegasus, has denied these allegations, saying Pegasus can only be used for legitimate law enforcement purposes, but it shows how difficult spyware can be to protect against. If the government is vulnerable, then that’s a lesson for everyone else to get their house in order.
Lenovo Laptop Users Beware
There are millions and millions of Lenovo laptop users around the world, many of which are now facing cybersecurity issues following the discovery of three new vulnerabilities that could lead to the execution of malware.
This malware bypasses UEFI Secure Boot and can impact hundreds of different Lenovo models. Because some of the affected laptops have reached end of life, there are no patches available for these models. The company that discovered the vulnerabilities—ESET—recommends using an anti-malware product that scans for UEFI threats and uses a TPM-aware full-disk encryption product to make the disk inaccessible.
Cybersecurity Spring Cleaning: Secure File Transfers
With hybrid working now the norm, secure file transfer continues to grow in importance. GoAnywhere MFT is a market-leading solution for robust and secure file transfer. If you are considering reviewing your secure file transfer processes, book a 15-, 30- or 60-minute demonstration to learn more about what GoAnywhere is and how it can help.
