Hacker Tracker | March in Review

Hacker Tracker | March in Review

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard”. Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s important to be aware--without being afraid--of the cybersecurity threats that are real threats for your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches and updates...

#1 FBI: One type of scam is costing business the most | 3.18.21

  • According to the FBI, amid the global pandemic, cybercriminals went on an ‘Internet crime spree’, with Americans losing over $4.2 billion to cybercriminals and scammers in 2020.
  • Throughout 2020, the FBI's Internet Crime Center (IC3) received 791,790 complaints of suspected internet crime, or about 300,000 more than it did in 2019 when the agency recorded estimated losses at more than $3.5 billion.
  • Business email compromise (BEC) or email account compromise (EAC) were by far the biggest sources of reported losses, totaling $1.8 billion across 19,369 complaints.
  • View the Source

#2 Microsoft Exchange Server attacks: 'They're being hacked faster than we can count', says security company | 3.22.21

  • A 'significant' number of cyberattacks targeting vulnerable Microsoft Exchange servers are attempted every single day, making it critical to apply patches immediately.
  • Cyber criminals attempt to target organizations that have yet to apply the security patches released to mitigate them.
  • Microsoft released critical updates to secure Microsoft Exchange Servers against the four vulnerabilities on March 2nd with organizations urged to apply them as a matter of urgency to prevent cyberattacks to their email servers.
  • View the Source

#3 Ransomware gangs have found another set of new targets: Schools and universities | 3.23.21

  • National Cyber Security Centre issues advice on how to protect networks from cyber criminals after a spike in ransomware attacks caused disruption across the education sector over the past month
  • Cyber criminals are hoping that the need for schools and colleges to provide teaching will result in victim organizations giving in to extortion demands and paying a ransom in bitcoin in exchange for the decryption key required to restore the network.
  • It's likely that the attempted targeting of sensitive information is an effort to engage in double-extortion ransomware attacks, where cyber criminals threaten to publish stolen data if they're not paid the ransom.
  • View the Source

Lessons Learned From This Month's Hacks

  1. Email compromises, aka, falling for phishing attacks and clicking on the wrong link leading to infection or worse, is the #1 threat to all businesses in our experience and per the FBI.
    We can't say this enough: BE A SKEPTIC! Unprovoked email from a co-worker or vendor? That's unusual. Are they asking for money, access, contact via an unusual method? Red flag! If you think there's a possibility it's true, contact them via a different known good method, such as their public-facing business phone number.

  2. We are fortunate enough to have zero Microsoft Exchange servers under our management as of 2021. Office 365 is more important to Microsoft than their on-premise email platform Exchange, in our opinion.
    Our takeaway is: use products that the vendors care about. Where focus goes, energy flows. Microsoft has made Exchange Server harder to buy and maintain in hopes you give up and go to Office 365. With this hack, pretty much every Exchange server has been compromised for months, and the total fallout will not be known for years. Our advice - switch to Office 365 ASAP and use app-based MFA on all global admin accounts.

  3. Schools are targets for ransomware because their IT security is often underfunded or an afterthought, and yet they depend on IT to function. Schools/universities may also be unattractive to cybersecurity professionals due to low pay and lack of upward career paths. We don't have all the answers, but we believe there needs to be a government-led initiative for securing our cyberinfrastructures from enemies. Local governments, schools, businesses, and individuals are being attacked in the open and make headlines every week. The U.S. is caught on the back foot on this front, and we look forward to any progress beyond “good luck” from Uncle Sam. 

Reach out if you have questions here.