Articles of interest from the week of March 29, 2021

Developing a Risk Management Approach to Cybersecurity

By now most CISOs understand that focusing your cybersecurity program on regulatory compliance is no longer sufficient. Meeting those requirements will always be a crucial part of cybersecurity — but only one part. Far too many other “unregulated” risks still abound. (By Matt Kelly, Security Boulevard) Ingalls: At a time when cybersecurity is more strategic to businesses than ever before, determining one’s cybersecurity risk management strategy is crucial. Our Master Risk Control: Pick A Cybersecurity Risk Management Strategy blog post provides some valuable insight on the different options.

Ransomware Tops U.S. Cyber Priorities, Homeland Secretary Says

Department of Homeland Security (DHS) Secretary Alejandro Mayorkas said on Wednesday that dealing with ransomware will be a top priority, highlighting the growing threat of the data-scrambling software. (By Raphael Satter, Reuters) Ingalls: The traditional strategy of firewalls, antivirus software and applying security patches is no longer enough to protect your organization against today’s threats. Ingalls Information Security understands the Ransomware threat. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks. Are you prepared to defend against ransomware?

FBI Report Reveals Cybercrime Victims Lost $4.2 Billion in 2020

The FBI's Internet Crime Complaint Center (IC3) has published its annual report (PDF) for 2020, and it revealed that cybercrime victims in the US reported a total loss of $4.2 billion for the year. That's $700 million more than the reported losses for 2019. As you'd expect by the increase in losses, there was also an uptick in the number of complaints the IC3 received. In 2020, the organization fielded 791,790 complaints — mostly of the phishing, vishing (video phishing), smishing (text phishing) and pharming varieties — much higher than the 467,361 complaints it received in 2019. (By M. Moon, Engadget) Ingalls: Business Email Compromise (BEC) constitutes 37% of ALL losses last year. Since "spoofing" is likely a subgroup of BEC, the total loss number is close to $2.1 billion! Email-based threats, like BEC attacks, are becoming a bigger problem for businesses. Ingalls has the ability to investigate Cloud-based BEC breaches as well as deploy tools into any on-premises environments to check for lateral movement by attackers who have access to Single Sign On (SSO) credentials such as those managed by Microsoft Active Directory and Azure Active Directory. We are able to assist in remediation of any BEC breaches by analyzing email accounts, determining what actions attackers took (such as creation of forward and delete rules for inboxes, etc.), and purging email accounts of spear phishing emails as well as unauthorized changes.

Microsoft Office 365 Still the Top Target Among Phishing Attacks

In its report, the Menlo Tabs team said it discovered a rise in credential phishing attacks over the past month. In this popular type of campaign, the attackers create fake login pages or forms to steal credentials from corporate employees who use certain apps or services such as Office 365, Amazon Prime and Adobe. (By Lance Whitney, TechRepublic)Ingalls: Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection and response guidance utilizing a defense-in-depth approach which monitors and correlates network activity with endpoints, logs and everything in between. Unlike a traditional Managed Security Service Provider (MSSP), our service is geared toward proactive prevention. We do this by utilizing the very latest in cloud, big data analytics technology, and machine learning along with the cybersecurity industry’s leading incident response team, to identify threats to your environment.

Double-Extortion Ransomware Attacks Surged in 2020

Double-extortion ransomware attacks exploded in 2020, according to a recent Attack Landscape Update report. The tactic involves threat actors stealing data from organizations in addition to encrypting files. This means that, as well as demanding a ransom to decrypt data, attackers can later threaten to leak the stolen information if an additional payment is not made.. (By James Coker, Infosecurity Magazine) Ingalls: Quickly detecting malware on your endpoints and network can give you the chance to isolate it before it executes. Ingalls' Endpoint Detection and Response lets you find and destroy malware before it executes. Our AI driven software platform enables dynamic threat detection and immediate remediation efforts.