Many people have the misconception that their data is not valuable and that, in turn, they are unlikely to be the target of a cyberattack. Whether you click on a link or the unsubscribe button in an email, you may open the floodgates to one or more cyberattacks that could hold you, or your business’s future, hostage. According to Proofpoint’s Human Factor report, more than 99 percent of cyberattacks require human interaction to succeed.
CyberNews reported on a hacker who is selling access to the networks of thousands of companies for over a million USD. The organizations compromised by that person are using unpatched software.
The initial bid was set at 25 BTC, which is about $386,600, but there’s also a “Buy Now” option that goes up to 75 BTC ($1,159,750). The listing appeared on multiple dark web forums, once on October 3 and again on October 26.
This is a hefty price to pay to someone who may well not send anything back, but we’re talking about a huge number of networks here. Someone could deploy PowerShell tools, access files, edit the registry, change administrator rights, and plant spyware on the target systems connected to the compromised networks. The possibilities of exploitation are limitless.
The “Silk Road” money movement that took place a couple of days back has a very clear explanation. The U.S. government finally took control of the wallet that had been under monitoring for the past seven years. Someone had stolen the money from the notorious marketplace and just kept it there indefinitely. Earlier in the week, someone withdrew Bitcoin worth approximately one billion USD from a “burned” wallet that was known to have had links to the notorious dark web market “Silk Road.” Now we have learned that this move was made by the U.S. Department of Justice after they managed to seize the wallet.
Remember, these actors are doing “bulk” scans, so they don’t spend much time on specific targets. If your network’s configuration makes it even a little harder to break into, actors move on to other targets, as there are plenty of them out there. So, there is a basis for “security through abundance,” but you also need to do something to differentiate your systems from the pack. These scans happen at such a scale right now that keeping unpatched systems online and hoping that nothing bad happens is just naïve. Weekly operating system patches are a critical part of maintaining a healthy endpoint. Finally, using an antivirus solution from ManagedTEK and setting up a strong firewall could save the day.
Like operating systems, third-party applications have security vulnerabilities. By deploying security updates and critical updates to applications during maintenance windows, we make sure that the third-party applications on all computers are vulnerability-free. Online cyber threats have become the biggest talking point today. A single security breach could lead to data loss, unplanned downtime, and damage to a business’s, its clients’, and your personal reputation.
Discussion appeared on TechNadu.