InTegriLogic Blog

Northwestern Memorial HealthCare

https://portswigger.net/daily-swig/data-breach-at-third-party-provider-exposes-medical-information-of-us-healthcare-patients
Exploit: Third-Party Data Breach

Northwestern Memorial HealthCare: Hospital System
Customers Impacted: Unknown

How It Could Affect Your Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

 

---

 

Morgan Stanley

https://www.bleepingcomputer.com/news/security/morgan-stanley-reports-data-breach-after-vendor-accellion-hack/
Exploit: Third-Party Data Breach

Morgan Stanley: Financial Services Firm
Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware can have ripple consequences that complicate response for everyone involved, creating unexpected risk.

 

---

 

Republican National Committee (RNC)

https://www.bloomberg.com/news/articles/2021-07-06/russian-state-hackers-breached-republican-national-committee
Exploit: Nation-State Cybercrime

Republican National Committee (RNC): Political Organization
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Reviewing potential avenues of risk can help you and your customers make a strong defensive plan.

 

---

 

GETTR

https://therecord.media/gettr-leaks-email-addresses-and-user-details-in-api-security-snafu/
Exploit: Hacking

GETTR: Social Media Platform
Customers Impacted: 40,000

How it Could Affect Your Business: Strong endpoint security and security awareness training are vital for the success of security plans

 

---

 

Switzerland – Comparis

https://www.reuters.com/technology/ransomware-attack-hits-swiss-consumer-outlet-comparis-2021-07-09/
Exploit: Hacking

Comparis: Shopping Platform
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Personal data is gold in dark web markets, and cybercriminals are hungry to find new stores of it to sell.

 

---

 

Germany – Spreadshop

https://www.privacysharks.com/spreadshop-hit-by-cyber-attack-payment-details-emails-and-passwords-breached/
Exploit: Hacking

Spreadshop: Shopping Platform
Customers Impacted: Unknown

How it Could Affect Your Business: If client data was impacted, GDPR carries stiff penalties for customer data loss and those continue to climb.

 

---

 

India – Technisanct

https://ciso.economictimes.indiatimes.com/news/data-breach-in-trading-platform/83829525
Exploit: Hacking

Technisanct: Trading Platform
Customers Impacted: 3.4 million

How it Could Affect Your Business: PII was the second most popular category of data in dark web markets last year according to the Verizon/Ponemon DBIR 2021 report.
 

---

 

Taiwan – Adata

https://www.bleepingcomputer.com/news/security/adata-suffers-700-gb-data-leak-in-ragnar-locker-ransomware-attack/
Exploit: Ransomware

Adata: Computer Chip Maker
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised.

Customers Impacted: Unknown

How it Could Affect Your Business: That’s a huge trove of data that will be very popular in hacker marketplaces.

 

---

These 10 Facts About Passwords Prove That Your “Password Protected” Data Isn’t Safe.

Companies are still relying on passwords alone to be an effective security measure – and that is a mistake that could lead to an expensive disaster like a data breach fast. Don’t rely on just a password for data loss prevention. It’s completely outdated. You wouldn’t use an old-fashioned lock to secure your office door – why are you relying on an old-fashioned lock to secure your data? See how password risk has evolved with the help of the Dark Web to learn why you need to upgrade your security from “password protected” to “secure identity and access management solution defended”. Take a look at 10 facts about passwords that will shine a light on why secure identity and access management is a must-have.

Passwords Aren’t Protection

As we’ve demonstrated before, passwords are not an effective security measure, and keeping data and systems safe in the modern threat landscape requires stronger protection. These 10 statistics clearly show that passwords are definitely not the last word in data loss prevention.

• At least 60% of people reuse passwords across multiple sites regularly.
• A terrifying 13% of people use the same password for all passworded accounts and devices.
• An estimated 81% of data breaches are due to poor password security.
• Although 91% of participants in a recent survey understand the risk of password reuse, 59% admitted to doing it anyway.
• 543 million employee credentials for Fortune 1000 companies are circulating on commonly used underground hacking forums, a 29% increase from 2020.
• Unfortunately, 48% of workers use the same passwords in both their personal and work accounts.
• Compromised passwords are responsible for 81% of hacking-related breaches.
• The average person reuses each password 14 times!
• An estimated 49% of employees only add a digit or change a character in their password when they’re required to update it.
• More than 60% of employees use the same password across multiple work and home applications.

People Love to Make Bad Passwords

Most people will choose passwords that can be divided into 24 common combinations, and 49% of users will only change one letter or digit in one of their preferred passwords when required to make a new password. Based on an analysis of the data that we analyzed from Dark Web ID in 2020, the most categories of information used to generate bad passwords in 2020 were Names, Sports, Food, Places, Animals, and Famous People/Characters.

Most passwords originate from these groups:

59% of Americans use a person’s name or family birthday in their passwords
33% include a pet’s name
22% use their own name
Take a look at the Worst Passwords of 2020 to find out what NOT to do.

The Most Common Passwords by Category

Names: maggie
Sports: baseball
Food: cookie
Places: Newyork
Animals: lemonfish
Famous People/Characters: Tigger

 

These 10 Facts About Passwords Prove That Your “Password Protected” Data Isn’t Safe.

Companies are still relying on passwords alone to be an effective security measure – and that is a mistake that could lead to an expensive disaster like a data breach fast. Don’t rely on just a password for data loss prevention. It’s completely outdated. You wouldn’t use an old-fashioned lock to secure your office door – why are you relying on an old-fashioned lock to secure your data? See how password risk has evolved with the help of the Dark Web to learn why you need to upgrade your security from “password protected” to “secure identity and access management solution defended”. Take a look at 10 facts about passwords that will shine a light on why secure identity and access management is a must-have.

Passwords Aren’t Protection

As we’ve demonstrated before, passwords are not an effective security measure, and keeping data and systems safe in the modern threat landscape requires stronger protection. These 10 statistics clearly show that passwords are definitely not the last word in data loss prevention.

• At least 60% of people reuse passwords across multiple sites regularly.
• A terrifying 13% of people use the same password for all passworded accounts and devices.
• An estimated 81% of data breaches are due to poor password security.
• Although 91% of participants in a recent survey understand the risk of password reuse, 59% admitted to doing it anyway.
• 543 million employee credentials for Fortune 1000 companies are circulating on commonly used underground hacking forums, a 29% increase from 2020.
• Unfortunately, 48% of workers use the same passwords in both their personal and work accounts.
• Compromised passwords are responsible for 81% of hacking-related breaches.
• The average person reuses each password 14 times!
• An estimated 49% of employees only add a digit or change a character in their password when they’re required to update it.
• More than 60% of employees use the same password across multiple work and home applications.

People Love to Make Bad Passwords

Most people will choose passwords that can be divided into 24 common combinations, and 49% of users will only change one letter or digit in one of their preferred passwords when required to make a new password. Based on an analysis of the data that we analyzed from Dark Web ID in 2020, the most categories of information used to generate bad passwords in 2020 were Names, Sports, Food, Places, Animals, and Famous People/Characters.

Most passwords originate from these groups:

59% of Americans use a person’s name or family birthday in their passwords
33% include a pet’s name
22% use their own name
Take a look at the Worst Passwords of 2020 to find out what NOT to do.

The Most Common Passwords by Category

Names: maggie
Sports: baseball
Food: cookie
Places: Newyork
Animals: lemonfish
Famous People/Characters: Tigger

 

---

US & UK Data Breaches Are Exploding, Driving Up Cyber Insurance Rates

At the root of many damaging cybersecurity incidents, you’ll find phishing. In fact, 90% of incidents that end in a data breach start with a phishing email. Researchers at leading organizations have been sounding the alarm about phishing forever, but many organizations still fail to really take the threat seriously to their detriment. As phishing rates worldwide continue to climb, escalating risk for devastating cyberattacks like ransomware and business email compromise, there’s a new impetus for businesses to fight back against phishing.

Phishing Never Stops Evolving

While it may not seem like it on the surface, phishing is a complex hazard for businesses to navigate. One reason for that complexity is that phishing is a rapidly evolving area of cybercrime. The bad guys are always trotting out new scams. In fact, researchers at the University of Maryland estimate that cybercriminals launch a new cyberattack like phishing every 39 seconds. These statistics offer a starting point when considering the way that phishing impacts the business world right now.

Phishing Quick Hits

• 94% of malware is delivered by email.
• More than 80 % of reported security incidents are phishing-related
• 40% of phishing messages aren’t caught by conventional security or a SEG
• One-fifth of employees in a 2020 survey fell for phishing tricks and interacted with spurious emails
• 45% of employees click emails they consider to be suspicious “just in case it’s important.”

US & UK Data Breaches Are Up by Over 70%

Data breach numbers have been skyrocketing all over the world since the start of the global pandemic, and phishing is at the root of many of those breaches – an estimated 74% of organizations in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months. The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020.

But the US isn’t that far ahead, and the dramatic increase in phishing-related data breaches that are plaguing businesses isn’t just a US problem. In a recent UK survey of insider incident risk, researchers noted that 73% of the UK organizations that they surveyed have suffered at least one data breach caused by phishing attacks in the last year. Overall, researchers studying phishing found that 80% of IT professionals that they spoke to worldwide said that their organizations have faced an increase in the number of phishing attacks that they’re combatting in 2021.

US & UK Cyber Insurance Rates Are Also Climbing

The epic rise in phishing-related data breaches is also behind the serious rise in pricing for cyber insurance up by 56% in the US and 35% in the UK. Insurance industry experts point to ransomware as the cause of such steep increases. Ransomware cyber insurance claims worldwide clocked a 260% increase in 2020 as cybercriminals turned up the heat. Many insurers are placing restrictions on the coverage that companies can buy for phishing related disasters because of the frequency and severity of losses related to ransomware, including insurance giants like AXA have announced that they will no longer underwrite cyber insurance policies to reimburse companies for ransomware payments after cyber attacks.

What is Behind the Increase?

While there’s no single cause that can be isolated for the rise in phishing-related data breaches, three major factors have seriously influenced the phishing-related data breach landscape. The pandemic certainly set up the conditions under which phishing thrived last year. In a survey of executives, 90% said that their companies experienced an increase in cyberattacks due to the pandemic with 98% incurring significant security challenges including an increased volume of phishing messages within just the first two months. But that’s not the total story. Other contributors have also played a part.

Remote Work Has Created Too Much Opportunity for Cybercriminals to Resist

The rise of remote work has definitely been a factor in increased phishing. Email volume increased dramatically, and that increased opportunity for cybercriminals to conduct phishing scams. Google notched a more than 600% increase in phishing email at the start of the global pandemic and phishing remains at a high volume. Over half of IT leaders say that remote working during the pandemic increased data breaches caused by phishing, and that problem, doesn’t appear to be waning either. Google has registered 2,145,013 phishing sites as of Jan 17, 2021. This is up from 1,690,000 on Jan 19, 2020 (up 27% over 12 months).

• About 55% of remote workers use email as their primary form of communication.
• More than 40% of remote workers polled recently admitted that they’d made email handling errors that caused cybersecurity incidents.
• An estimated 50% of the IT leaders surveyed in a recent insider threat survey expect this trend to continue into the future.

Social Engineering Powered by Abundant Dark Web Data

Bad actors use all sorts of psychological tricks to lure their victims into the number one type of social engineering attack: phishing. These attacks are typically powered by abundant dark web data. About 60% of the data on the dark web at the beginning of 2020 could be used to harm businesses and more than 22 billion new records have been added including 103 GB in this year’s RockYou2021 dump. Socially engineered phishing attacks use that data to lure employees into opening dodgy emails, clicking suspicious links, handing over passwords, downloading sketchy attachments and engaging in other unsafe behaviors that can put your business at risk of damaging disasters.

• Socially engineered cyberattacks are just under 80% effective.
• Over 90% of successful data breaches are rooted in social engineering.
• More than 70% of IT professionals say they’ve experienced employees falling for a social engineering attack.

The Evolution and Weaponization of Ransomware

These days, every business is at risk of a ransomware attack, and the majority of those are delivered through phishing. Ransomware attacks can be especially sophisticated, often utilizing social engineering in order to lull targets into a false sense of security that encourages them to download a poisonous Office file (48% of malicious attachments in 2020 were office files) or provide a bad actor with their credentials under false pretenses – and giving the bad guys a golden opportunity to snatch data. Cybercriminals are especially interested in mounting attacks that enable them to use highly profitable double and triple extortion ransomware.

• 51% of businesses worldwide were negatively impacted by ransomware in 2020
• 65% of active cybercriminal gangs use phishing as their favored method of delivery for ransomware
• Two in five SMBs experienced a ransomware attack in 2020

How Can Businesses Reduce US & UK Data Breach Risk from Phishing?

With the world operating remotely during the pandemic lockdowns last year, email volume skyrocketed. An estimated 306.4 billion emails were sent and received each day in 2020, triple the average increase of past years. That figure is expected to continue to grow steadily as companies continue to grapple with the implications of the ongoing pandemic and virus variants that could lead to long-term remote work becoming the norm. If email volume continues to trend the way that experts expect, it is estimated to reach over 376.4 billion daily messages by 2025.

Unfortunately, businesses continue to be locked into remote operations in most of the world as the global pandemic enters a new phase, creating another round of opportunities that cybercriminals won’t want to miss. In this year’s ISACA State of Cybersecurity 2021 Survey, 35% of respondents reported that their enterprises are experiencing an increase in cyberattacks like phishing in 2021. That’s three percentage points higher than was recorded in that survey in 2020, a record-breaking year for phishing worldwide. That means that it is imperative for businesses to fight back against the rising tide of phishing by taking sensible precautions.

US & UK Data Breaches Are Exploding, Driving Up Cyber Insurance Rates

At the root of many damaging cybersecurity incidents, you’ll find phishing. In fact, 90% of incidents that end in a data breach start with a phishing email. Researchers at leading organizations have been sounding the alarm about phishing forever, but many organizations still fail to really take the threat seriously to their detriment. As phishing rates worldwide continue to climb, escalating risk for devastating cyberattacks like ransomware and business email compromise, there’s a new impetus for businesses to fight back against phishing.

Phishing Never Stops Evolving

While it may not seem like it on the surface, phishing is a complex hazard for businesses to navigate. One reason for that complexity is that phishing is a rapidly evolving area of cybercrime. The bad guys are always trotting out new scams. In fact, researchers at the University of Maryland estimate that cybercriminals launch a new cyberattack like phishing every 39 seconds. These statistics offer a starting point when considering the way that phishing impacts the business world right now.

Phishing Quick Hits

• 94% of malware is delivered by email.
• More than 80 % of reported security incidents are phishing-related
• 40% of phishing messages aren’t caught by conventional security or a SEG
• One-fifth of employees in a 2020 survey fell for phishing tricks and interacted with spurious emails
• 45% of employees click emails they consider to be suspicious “just in case it’s important.”

US & UK Data Breaches Are Up by Over 70%

Data breach numbers have been skyrocketing all over the world since the start of the global pandemic, and phishing is at the root of many of those breaches – an estimated 74% of organizations in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months. The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020.

But the US isn’t that far ahead, and the dramatic increase in phishing-related data breaches that are plaguing businesses isn’t just a US problem. In a recent UK survey of insider incident risk, researchers noted that 73% of the UK organizations that they surveyed have suffered at least one data breach caused by phishing attacks in the last year. Overall, researchers studying phishing found that 80% of IT professionals that they spoke to worldwide said that their organizations have faced an increase in the number of phishing attacks that they’re combatting in 2021.

US & UK Cyber Insurance Rates Are Also Climbing

The epic rise in phishing-related data breaches is also behind the serious rise in pricing for cyber insurance up by 56% in the US and 35% in the UK. Insurance industry experts point to ransomware as the cause of such steep increases. Ransomware cyber insurance claims worldwide clocked a 260% increase in 2020 as cybercriminals turned up the heat. Many insurers are placing restrictions on the coverage that companies can buy for phishing related disasters because of the frequency and severity of losses related to ransomware, including insurance giants like AXA have announced that they will no longer underwrite cyber insurance policies to reimburse companies for ransomware payments after cyber attacks.

What is Behind the Increase?

While there’s no single cause that can be isolated for the rise in phishing-related data breaches, three major factors have seriously influenced the phishing-related data breach landscape. The pandemic certainly set up the conditions under which phishing thrived last year. In a survey of executives, 90% said that their companies experienced an increase in cyberattacks due to the pandemic with 98% incurring significant security challenges including an increased volume of phishing messages within just the first two months. But that’s not the total story. Other contributors have also played a part.

Remote Work Has Created Too Much Opportunity for Cybercriminals to Resist

The rise of remote work has definitely been a factor in increased phishing. Email volume increased dramatically, and that increased opportunity for cybercriminals to conduct phishing scams. Google notched a more than 600% increase in phishing email at the start of the global pandemic and phishing remains at a high volume. Over half of IT leaders say that remote working during the pandemic increased data breaches caused by phishing, and that problem, doesn’t appear to be waning either. Google has registered 2,145,013 phishing sites as of Jan 17, 2021. This is up from 1,690,000 on Jan 19, 2020 (up 27% over 12 months).

• About 55% of remote workers use email as their primary form of communication.
• More than 40% of remote workers polled recently admitted that they’d made email handling errors that caused cybersecurity incidents.
• An estimated 50% of the IT leaders surveyed in a recent insider threat survey expect this trend to continue into the future.

Social Engineering Powered by Abundant Dark Web Data

Bad actors use all sorts of psychological tricks to lure their victims into the number one type of social engineering attack: phishing. These attacks are typically powered by abundant dark web data. About 60% of the data on the dark web at the beginning of 2020 could be used to harm businesses and more than 22 billion new records have been added including 103 GB in this year’s RockYou2021 dump. Socially engineered phishing attacks use that data to lure employees into opening dodgy emails, clicking suspicious links, handing over passwords, downloading sketchy attachments and engaging in other unsafe behaviors that can put your business at risk of damaging disasters.

• Socially engineered cyberattacks are just under 80% effective.
• Over 90% of successful data breaches are rooted in social engineering.
• More than 70% of IT professionals say they’ve experienced employees falling for a social engineering attack.

The Evolution and Weaponization of Ransomware

These days, every business is at risk of a ransomware attack, and the majority of those are delivered through phishing. Ransomware attacks can be especially sophisticated, often utilizing social engineering in order to lull targets into a false sense of security that encourages them to download a poisonous Office file (48% of malicious attachments in 2020 were office files) or provide a bad actor with their credentials under false pretenses – and giving the bad guys a golden opportunity to snatch data. Cybercriminals are especially interested in mounting attacks that enable them to use highly profitable double and triple extortion ransomware.

• 51% of businesses worldwide were negatively impacted by ransomware in 2020
• 65% of active cybercriminal gangs use phishing as their favored method of delivery for ransomware
• Two in five SMBs experienced a ransomware attack in 2020

How Can Businesses Reduce US & UK Data Breach Risk from Phishing?

With the world operating remotely during the pandemic lockdowns last year, email volume skyrocketed. An estimated 306.4 billion emails were sent and received each day in 2020, triple the average increase of past years. That figure is expected to continue to grow steadily as companies continue to grapple with the implications of the ongoing pandemic and virus variants that could lead to long-term remote work becoming the norm. If email volume continues to trend the way that experts expect, it is estimated to reach over 376.4 billion daily messages by 2025.

Unfortunately, businesses continue to be locked into remote operations in most of the world as the global pandemic enters a new phase, creating another round of opportunities that cybercriminals won’t want to miss. In this year’s ISACA State of Cybersecurity 2021 Survey, 35% of respondents reported that their enterprises are experiencing an increase in cyberattacks like phishing in 2021. That’s three percentage points higher than was recorded in that survey in 2020, a record-breaking year for phishing worldwide. That means that it is imperative for businesses to fight back against the rising tide of phishing by taking sensible precautions.