Although cyberattacks evolve and change every year, the cycle remains the same.
Vulnerabilities are discovered in IT systems, cybercriminals strike, and software patches are created to fix the issue. Attackers seek new weaknesses and the cycle repeats.
With the spring season well under way, now is a great time to review the happenings in the industry – and spring your security forward. Staying informed is the best route to staying protected.
Many patches were issued for graphical processing units (GPUs), industrial Internet-of-Things (IoT), and operational technology (OT) devices.
However, while these patches are available, the devices affected are not covered by common patching contracts and IT processes. Businesses must remain proactive in guarding against these unusual vulnerabilities.
Let’s take a look at the specifics.
Ransomware Attacks Becoming Worse
Ransomware dominated headlines over the past few years and continues to advance as a threat. As such, the recently formed Ransomware Task Force might eventually help us all—but more on that later.
As long as it remains such a danger, businesses must take security into their own hands.
From the ski resort Municipality of Whistler to Merseyrail in the UK, the list of ransomware victims continues to grow. Additionally, the consequences of attacks continue to escalate.
Researchers report that 77% of ransomware attacks now incorporate data exfiltration and extortion. Making matters worse, the average ransomware demand increased 80% from 2020.
Exfiltration attacks place added pressure on victims because leaked data often includes corporate secrets or regulated data. Personal identification data, health, and credit card information are favorite targets for hackers.
Three sectors in particular were hit hardest, accounting for nearly half (48.1%) of cyberattacks.
Professional services suffer nearly 1 out of every 4 ransomware attacks, while the healthcare and public sectors each account for roughly 12%.
Of course, ransomware attackers rarely target specific industries. They simply follow vulnerabilities.
In the last quarter, cyberattacks focused on obsolete Accellion hardware and on-site Microsoft Exchange Servers.
However, now network storage owners need to heed QNAP’s warnings: the AgeLocker ransomware targets unsecured network-attached storage devices.
A Price More than Money
Organizations generally view the cost of ransomware as financial losses, operations interruptions, public embarrassment, or lawsuits. However, others come with far more serious consequences.
For example, the Swedish oncology radiation system provider, Elekta, suffered a series of cyberattacks. To protect both customers and patients, their cloud-based systems were forced offline.
However, taking down the cloud systems forced some healthcare providers such as Yale New Haven Health and the Lifespan Cancer Institute of Rhode Island to shut down radiation clinics.
Although hackers likely didn’t set out to shut down life-saving services for critically sick patients, that’s exactly what happened.
When the monetary price of a ransomware attack comes paired with human costs, organizations must be even more vigilant to prevent attacks.
Ransomware Task Force
In an effort to disrupt the growing threat of ransomware, the Institute for Security and Technology created a 60-member coalition.
This impressive group includes US Department of Justice, the UK National Cybersecurity Centre, Europol, Amazon, Microsoft, FireEye, and more.
The partnership’s main goal is disrupting the financial workings of ransomware attackers, but also seeks congressional action. Updating cybersecurity laws in the U.S. is needed to allow future plans to be legal.
The collection coordinates between governmental agencies, private corporations, and existing security groups. Additionally, they strive to prosecute and curb criminal enterprises and any associated services.
Unfortunately, it may take some time before a reduction in ransomware is actually seen. In the meantime, organizations must maintain awareness and continue to monitor their systems.
Beyond the Ransom
Not all vulnerabilities lead to ransomware, yet still leave doors open for attackers to exploit.
Microsoft’s IoT security research group recently discovered more than 25 liabilities that allow remote-code exploits on a wide range of medical, consumer IoT, and OT devices.
Collectively dubbed BadAlloc, this group of flaws stems from shared software libraries using vulnerable memory functions.
A full list of affected devices can be found here, and organizations are urged to update secure these devices as soon as possible.
Recently, Nvidia provided a patch for its GPU drivers to protect against flaws that could steal or corrupt user data, or launch Denial of Service attacks.
While Nvidia is most associated with computer gamers, organizations need to be aware that their products are used elsewhere as well. Marketing departments commonly utilize graphics cards, and many laptops now have GPUs built into the hardware.
Bringing It All Together
Considering the devices involved in many of these cases often lie outside the scope of typical patching contracts and processes, IT departments need to take special action to correct them.
Since not all organizations track GPUs, IoT, or OT devices, IT departments need to verify if the devices are present or not.
As long as ransomware remains the constant and legitimate threat it is, businesses need to maintain the best security possible. To do anything less could make for a long, long year.
Ideal Integrations and Blue Bastion offer a full suite of services to address these and other IT and cybersecurity issues.
Call us today at 412-349-6680 or fill out the form below if your organization wants assistance to inventory devices, assess patching needs, or monitor for potential attacks.