Hacker Tracker | December in Review

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard”. Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s important to be aware, without being afraid, of the cybersecurity threats that are real for your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches and updates…

#1- Russia Suspected In Major Cyberattack On U.S. Government Departments | 12.14.20

  • Russia was suspected in a major cyberattack on U.S. government departments.
  • Russian hackers working for the Kremlin are believed to be behind breaches of U.S. government computer systems at the departments of Treasury, Commerce and Homeland Security that may have lasted months before they were discovered.
  • While Russia initially denied the attack, the U.S. government quickly acknowledged a breach and said it was investigating to make a full assessment.
  • Read our related blog: Recap: Russia Suspected in Historic U.S. Government Cybersecurity Breach.
  • View the Source

#2- New Goontact spyware discovered targeting Android and iOS users | 12.16.20 

  • Security researchers have discovered a new malware strain with spying and surveillance capabilities, also known as spyware, that is currently available in both Android and iOS versions.
  • Named Goontact, this malware can collect data from infected victims, such as phone identifiers, contacts, SMS messages, photos, and location information.
  • The Goontact malware is currently distributed via third-party sites promoting free instant messaging apps dedicated to reaching escort services.
  • Right now the malware is concentrated in Asian countries but poses the risk of spreading elsewhere.
  • View the Source

#3- A second hacking group has targeted SolarWinds systems | 12.21.20

  • Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack.
  • Security researchers believe attackers were using the Supernova web shell to download, compile, and execute a malicious PowerShell script (which some have named CosmicGale).
  • Experts warn that companies that find Supernova on their SolarWinds installations need to treat this incident as a separate attack.
  • View the Source

Lessons Learned From This Month’s Hacks

2020 ended with a spectacular cybersecurity nightmare for the US government. Read more about this event and our thoughts here.

Here are our summarized lessons learned for 2021:

  • Keep your important devices and infrastructure up to date. For cell phones and network devices, update ASAP. For Windows devices in a business setting, apply updates via a managed update strategy.
  • Be a skeptic toward all unsolicited communication that wants you to act. Apply this to your vendors, co-workers, friends, and family — contact them a different way and confirm it. Millions of people are clicking on links, wiring funds, getting infected, etc., because they fall for phishing attacks.
  • Personally and professionally, turn on multi-factor authentication on every account containing private information. This greatly increases your security and adds a layer of protection if/when your password is compromised.
  • Add cybersecurity threat mitigation to your business’s meeting agendas. Topics typically include: cybersecurity insurance, assessing risks frequently (including vendors with privileged access), and investing in preventive measures. It will only get worse in 2021, and you should expect new government regulations coming down the pipeline for anyone storing PII or ePHI.

Reach out to us if you have any questions here.