Top security attacks of 2021
Microsoft Exchange Server Cyber Attack:
- In January, hackers struck Microsoft Exchange servers operating all over the world.
- They infiltrated the email servers, which contained tonnes of confidential data.
- The data mostly came from giant companies and governments storing crucial information about their customers and citizens, such as email addresses, passwords, etc.
- Over 250,000 servers have fallen victim to the data breach as of 9th March.
CNA Financial Cyber Attack
- The USA's largest cyber insurance provider fell prey to a skilfully crafted ransomware attack, forcing millions to go out of business.
- The hackers behind the attack used malware named Phoenix CryptoLocker to encrypt the database of the insurance firm.
- CNA had to pay up a whopping $40 million.
Colonial Pipeline cyber attack
- Hackers attacked Colonial Pipeline.
- The ransomware attack took place between 6th and 12th May and impacted the computerised equipment managing the pipeline.
- Unfortunately, this led to a heavy data breach and halting of all activities for Colonial Pipeline, which mainly functions in the South-eastern parts of the United States.
- The attack was so severe and alarming that President Biden, as well as the Governor of Georgia, had to declare a state of emergency.
- Even though matters are under control now, the oil giant reportedly had to pay a ginormous $5 million to gain back access to its systems.
Accenture Cyber Attack
- Accenture has confirmed that it was hit by a ransomware attack, with a hacker group using the LockBit ransomware reportedly threatening to release the company's data and sell insider information.
- LockBit is a strain of ransomware that prevents users from accessing infected systems until a ransom payment is made.
Security risk
- The top attacker country was the US with 12365 unique attackers (45.33%).
- The top trojan server detected was Lu0bot with 26 instances.
- The top phishing campaign detected was against Facebook with 44 instances detected.
Approach to minimise security risk
- Red Piranha security risk assessment & audit services offer a comprehensive, business-driven approach to evaluating your cybersecurity maturity level based on your business operations and risk profile. The maturity model provides you with a simple, pragmatic approach to evaluate your current security maturity and identify targeted areas for improvement.
- Our team of in-house certified assessors and auditors combine control requirements from well-known frameworks to create a consolidated model which addresses the most critical security domains and capabilities, so you can meet today’s risk-focused demands.
- Reduces cyber attacks by controlling access and preventing unauthorised lateral movement on the network.
- Cisco ISE profiles endpoints and identifies users. Based on the contextual data collected, ISE creates a role-based access control (RBAC) policy.
- Cisco ISE uses Cisco TrustSec technology, embedded in Cisco routers and switches, to enforce policy throughout the network.
- If an endpoint is compromised, ISE can be notified and change the access policy to contain or quarantine the threat.
Security Vulnerabilities - Potential target of a ransomware attack
- The device used is no longer state-of-the-art
- The device has outdated software
- Browsers and/or operating systems are no longer patched
- No proper backup plan exists
- Insufficient attention has been paid to cybersecurity, and a concrete plan is not in place
Anti-ransomware software protection:
Kaspersky Internet Security:
- The software is able to block infected files when you download or stream something, thus providing real-time protection.
- This prevents ransomware from infecting your computer and keeps cybercriminals at bay.
Anti-ransomware tool:
- The tool helps detect and block ransomware by performing scans and protects your data both from local and remote-access ransomware attacks.
Video links:
Cisco Security Portfolio Overview - https://www.youtube.com/watch?v=LZn_I0omFXo&ab_channel=Cisco
Kaspersky Enterprise Cybersecurity - https://www.youtube.com/watch?v=a2dr5G_psGk&ab_channel=Kaspersky