Network Security News | Ingalls Information Security

Articles of interest from the week of August 2, 2021

Written by John Frasier | Aug 2, 2021 4:00:00 AM

Security Breaches Where Working From Home Is Involved Are Costlier, Claims IBM Report

Firms looking to save money by shifting to more flexible ways of working will need to think carefully about IT security and the additional cost of breaches linked to staff working from home. That's according to the latest annual "Cost of a Data Breach Report" conducted by Ponemon Institute along with IBM Security, which found that the average total cost of a remote-working data breach was more than $1m higher than cyberattacks where remote working wasn't a factor. (By Tim Richardson, The Register) Ingalls: Questions about how to stay secure while working remotely? Ingalls helps businesses large and small manage security risks and defend against cyberattacks. If you’d like to learn more, please contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have.


Ransomware’s Rising Tide Is Threatening To Capsize Small Businesses

Among its many repercussions, the recent compromise of IT service provider Kaseya left an estimated 1,500 companies — most of them small businesses — struggling to recover after their systems were locked by ransomware in a vicious supply chain attack. The breach was the latest in a series of high-profile attacks this year, but its impact on small businesses, in particular, was a reminder that cyberattacks are an equal-opportunity plague. (By David Braue, Cybercrime Magazine) Ingalls: Ingalls: We understand the Ransomware threat.  Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks. Ingalls helps businesses large and small manage security risks and defend against cyberattacks. If you’d like to learn more, please check out our Blogs Are You Prepared to Defend Against Ransomware? And Ransomware, To Pay or Not to Pay?  


Cybercrime Costs Organizations Nearly $1.79 Million Per Minute

The study, which analyzed the volume of malicious activity on the internet, laid bare the scale and damage of cyber-attacks in the past year, finding that 648 cyber-threats occurred every minute. (By James Coker, Infosecurity Magazine) Ingalls: Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection, and response guidance utilizing a defense-in-depth approach that monitors and correlates network activity with endpoints, logs, and everything in between. Unlike a traditional Managed Security Service Provider (MSSP), our service is geared toward proactive prevention. We do this by utilizing the very latest in cloud, big data analytics technology, and machine learning along with the cybersecurity industry’s leading incident response team, to identify threats to your environment.


Best Practices to Thwart Business Email Compromise (BEC) Attacks

In a recent study, 71% of organizations acknowledged they had seen a business email compromise (BEC) attack during the past year. Forty-three percent of organizations experienced a security incident in the last 12 months, with 35% stating that BEC/phishing attacks account for more than 50% of the incidents. The FBI's Internet Crime Complaint Center (IC3) reports that BEC scams were the most expensive of cyberattacks in 2020. (By The Hacker News) Ingalls: Ingalls Information Security has the ability to investigate Cloud-based BEC breaches as well as deploy tools into any on-premises environments to check for lateral movement by attackers who have access to Single Sign-On (SSO) credentials such as those managed by Microsoft Active Directory and Azure Active Directory. We are able to assist in remediation of any BEC breaches by analyzing email accounts, determining what actions attackers took (such as the creation of forwarding and delete rules for inboxes, etc.), and purging email accounts of spear-phishing emails as well as unauthorized changes. 


Why Supply Chain Attacks Are Destined to Escalate

The epic software supply chain attacks over the past year, including the high-profile breaches of SolarWinds, Microsoft Exchange Server, Kaseya, and Codecov, were only the beginning. (By Kelly Jackson Higgins, Dark Reading) Ingalls: The conversation around cybersecurity amongst executives and IT professionals must evolve. Cybersecurity encompasses a large ecosystem that requires its own mastery of the discipline, separate from IT administration. Threat actors, whether nation-state sponsored or independent criminal gangs, are exploiting gaps that result from immature and underfunded security postures - and they are growing in sophistication, targeting more critical infrastructure and services at a break-neck pace and critical scale. It is time to see investing smartly and effectively in cybersecurity, and bringing expertise around it to the decision-making table, as an existential imperative. Contact us today to learn more about how we can help secure your company's information in a personalized and efficient way.