Hacker Tracker | December in Review

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard”. Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s important to be aware, without being afraid, of the cybersecurity threats that are real for your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches and updates…

1. Shutterfly reports ransomware incident | 12.27.21

  • According to one outlet, the company was reportedly hit by the Conti ransomware group.
  • Shutterfly experienced interruptions with Groovebook, manufacturing offices, and some corporate systems.
  • The company does not store credit card information or social security numbers, but has still hired an outside cybersecurity company to assess the damage of the attack.
  • View the Source

2. Cybersecurity company identifies months-long attack on US federal commission | 12.20.21

  • Cybersecurity company Avast said the United States Commission on International Religious Freedom (USCIRF) was hit with a cyberattack months ago.
  • Created in 1998, USCIRF describes itself as a US federal government commission that monitors the right to freedom of religion or belief abroad.
  • In Avast’s report, experts said attackers were able to compromise systems on USCIRF’s network in a way that enabled them to run code as the operating system and capture network traffic traveling to and from the infected system. This had been going on for months without detection.
  • View the Source

3. Oregon medical group notifies 750,000 patients of data breach | 12.14.21

  • The Oregon Anesthesiology Group (OAG) said it suffered a ransomware attack in July that led to the breach of sensitive employee and patient information.
  • The breach involves the information of 750,000 patients and 522 current and former OAG employees, including names, addresses, date(s) of service, diagnosis and procedure codes with descriptions, medical record numbers, insurance provider names, and insurance ID numbers.
  • The FBI said it believes the group exploited a vulnerability in OAG’s third-party firewall, enabling the hackers to gain entry to the network. 
  • View the Source

Lessons Learned From This Month’s Hacks

  1. From the attack on Shutterfly, we learn that even if your organization does not store seemingly sensitive information, you can still be a target of ransomware. Given the quantity and quality of recent ransomware attacks, attackers are not sparing companies that don’t store credit card information. The need to preventatively protect yourself remains just as important for these organizations.
  2. From the attack on USCIRF, we are reminded of the importance of regular monitoring, no matter your organization’s size or scope. Regular IT maintenance and monitoring are vital to detect foreign actors that may be operating within your system. Make sure you are working with a qualified managed IT service team to put preventative monitoring in place so that this does not happen to your organization. Finally: hey US government, spend some of those tax dollars on a unified cybersecurity task force and start continuously monitoring and hardening every department with an eagle on its seal.
  3. If your organization is subject to HIPAA, you have a duty to protect patient health information. Accepting insurance is a right, not a privilege. The article mentions the practice had an unpatched vulnerability exploited on their SonicWall firewall(s). How does an organization so large not have an IT company or IT people who care about patching the most critical piece of network equipment in the organization? We don’t even use SonicWall, and we had emails, chats, listservs, etc., warning about these massive known flaws. Our best guess is that the “penny wise, pound foolish” method of IT spending caught up with them. We have a blog about this Darwinistic practice titled “The Golden Rule of Ransomware Attacks: Pay a Little Now or a Lot Later.”

Questions? Contact PK Tech here.