The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021, a Sophos survey reveals. The average ransom paid is $170,404. A paid ransom guarantees little. The global findings also show that only 8% of organizations manage to get back all of their data after paying a ransom, with 29% getting back no more than half of their data. (By Help Net Security) Ingalls: Ingalls Information Security understands the ransomware threat. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks. Please contact us today if you would like to speak to one of our cybersecurity experts.
Changes to the cybersecurity threat landscape are constant and dynamic: threat actor groups come and go, alter tactics, techniques, and procedures (TTPs) and adjust to new defensive mechanisms. Over time, both cybercriminal gangs and nation-state actors endure arrests and swap individuals in what can appear to be an ongoing arms race between good and evil. (By Camille Singleton co-authored by Limor Kessem, SecurityIntelligence) Ingalls: Have you noticed how often security breaches, stolen data, and identity theft are front-page news these days? Perhaps you, or someone you know, are a victim of cybercriminals who stole personal information, banking credentials, or more. As these incidents become more prevalent, you should consider using multi-factor authentication, also called strong authentication or two-factor authentication. This technology may already be familiar to you, as many banking and financial institutions require both a password and one of the following to log in: a call, email, or text containing a code. By applying these principles of verification to more of your personal accounts, such as email, social media, and more, you can better secure your information and identity online! For more information, please visit our How-To-Guide For Multi-Factor Authentication blog post.
Threat actors are impersonating Chase Bank in two phishing attacks that can slip past Microsoft Exchange security protections in an aim to steal credentials from victims — by spoofing real-life customer scenarios. (By Elizabeth Montalbano, Threatpost) Ingalls: Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computers, leaving them vulnerable to attack. Phishing emails may appear to come from a real financial institution, e-commerce site, government agency, or any other service, business, or individual. The email may also request personal information such as account numbers, passwords, or Social Security numbers. When users respond with the information or click on a link, attackers use it to access users’ accounts. For more information, please visit our How-To-Guide To Defend Against Phishing Attempts blog post.
With the recent SolarWinds SunBurst exploit, many security professionals are reassessing standard threat models and national cyber-defense strategies. For now, organizations and system owners must use the tools and resources available to mitigate the probability of being further exploited by supply chain attacks. (By John Faber, Infosecurity Magazine) Ingalls: It’s time to come to grips with a critical reality: There is no silver bullet for keeping cybercriminals out. For those relying solely on software for protection, it’s only a matter of time before you experience a breach. Read about our defense-in-depth approach to information security through our Managed Detection and Response (MDR) services.
The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cybercriminal. The stolen data has likely been held by multiple parties and not secured, and victimized organizations can’t be sure that it has been destroyed and not traded, sold, misplaced, or held for a future extortion attempt, they explained. (By Help Net Security) Ingalls: Unfortunately, ransomware remains a serious threat to all industries and accounts for nearly a quarter of all malware-based attacks. Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. Are You Prepared To Defend Against Ransomware?