Network Security News | Ingalls Information Security

Articles of interest from the week of June 22, 2020

Written by John Frasier | Jun 22, 2020 4:00:00 AM

Average Cost of a Data Breach: $116M

Sensitivity of customer information and time-to-detection determine financial blowback of cybersecurity breaches. The authors of the "Trends in Cybersecurity Breach Disclosures" report from Audit Analytics reviewed 639 cybersecurity breaches at public companies since 2011 and discovered that, on average, each cyber breach costs $116 million. (By Marc Wilczek, Dark Reading) Ingalls: A determining factor in the cost and the amount of impact of a data breach is the length of time it takes to respond to the breach and recover to normal. Our MDR service can quickly detect and respond to threats before they become breaches.


Self-Propagating Lucifer Malware Targets Windows Systems

Security experts have identified a self-propagating malware, dubbed Lucifer, that targets Windows systems with cryptojacking and distributed denial-of-service (DDoS) attacks. The never-before-seen malware initially tries to infect PCs by bombarding them with exploits in hopes of taking advantage of an “exhaustive” list of unpatched vulnerabilities. While patches for all the critical and high-severity bugs exist, the various companies impacted by the malware had not applied the fixes. (By Lindsey O'Donnell, Threatpost) Ingalls: Our blog post, Advanced Control: Vulnerability Lifecycle Management, explains how to go from the bare minimum with patch management to a more robust vulnerability lifecycle management capability that ensures risks are identified and mitigated.


REvil Ransomware Scans Victim's Network for Point of Sale Systems

REvil ransomware operators have been observed while scanning one of their victim's network for Point of Sale (PoS) servers by researchers with Symantec's Threat Intelligence team. REvil (also known as Sodinokibi) is a ransomware-as-a-service (RaaS) operation known for breaching corporate networks using exploits, exposed remote desktop services, spam, as well as hacked Managed Service Providers. After getting access to a target's network, the operators spread laterally while also stealing data from servers and workstations, later encrypting all the machines on the network after gaining administrative access to a domain controller. (By Sergiu Gatlan, BleepingComputer) Ingalls: Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. This speaks to the critical need for businesses to take a proactive approach to cybersecurity in order to be positioned for early detection and fast response. Are You Prepared To Defend Against Ransomware?


Work From Home Opens New Remote Insider Threats

Remote work is opening up new insider threats – whether it’s negligence or malicious employees – and companies are scrambling to stay on top of these unprecedented risks. (By Lindsey O'Donnell, Threatpost) Ingalls: The endpoint, regardless if its on a home or office network, is the place where attacks take place. Get comprehensive visibility across all of your endpoints and detect malicious activity, not just malicious code, before negative impact occurs with our Managed Detection and Response (MDR) service.


Ransomware Perspectives: The Shape of Things to Come

Michael Hamilton has worked in the information security industry for 30 years. As former CISO for the City of Seattle, he managed information security policy, strategy, and operations for 30 government agencies. In this interview with Help Net Security, Michael discusses ransomware attacks and offers insight on how they will evolve in the near future. (By Mirko Zorz, Help Net Security) Ingalls: Please contact us today if you would like to speak to one of our cybersecurity experts about how we can help reduce your risk of ransomware and other threats no matter how they change in the future.