
Zero Trust on the rise, insurance carriers say “catastrophe”, and from the ashes of DarkSide and REvil comes….

Rising prices of insurance against cyber attacks fail to take account of the potential catastrophic effects of a widespread attack, Chubb chief executive Evan Greenberg said last week. “The pricing environment is pretty good,” Greenberg said on a conference call. “But … that is not addressing by itself the fundamental issue…. Like pandemic, cyber has a catastrophe profile to it.” This from IT News.

CISA has announced its Vulnerability Disclosure Policy Platform for federal agencies, designed to be a coordination platform with the security community. The NSA has also released guidance for securing wireless devices in public. The cheat sheet: VPNs on public WiFi, and two-factor authentication.

The Department of Justice has disclosed that the SolarWinds attackers gained access to significantly more officials' emails than initially thought. 27 US Attorneys’ offices were impacted, and all sent, received, and stored emails and attachments between May 7 and December 27 2020 were compromised.

Microsoft found that 76 percent of organizations are in the process of implementing a Zero Trust architecture — up six percent from last year.

“The shift to hybrid work, accelerated by COVID-19, is also driving the move towards broader adoption of Zero Trust with 81 percent of organizations having already begun the move toward a hybrid workplace,” writes Vasu Jakkal, Microsoft corporate vice president of security, compliance and identity.

Barracuda has released data that says organizations face over 700 social engineering attacks on average each year, and 43% of phishing attacks impersonate Microsoft. 

So speaking of phishing, Microsoft is also warning about the BazarCall call center malware operation. It’s more dangerous than initially thought. It targets Office 365 and Microsoft 365 customers with a phishing email about an expiring bogus trial subscription, which then leads to a call to the call center to get the victim to install the Bazacall backdoor. The group can move quickly – within 48 hours of compromise.

And, DarkSide and REvil have reconstituted as the new gang BlackMatter. The group is targeting organizations with revenues of more than $100 million, between 500 and 15,000 devices, and not previously targeted. The group has also listed “off limit” targets like hospitals, critical infrastructure, oil and gas, defense, non-profits, and government.

Why do we care?

Standard reasons to care are the landscape, trend, etc., plus those actionable resources.

I was a bit surprised by Microsoft’s 76% number… and then checked to see who was asked, and it’s security professionals. Which makes this make a lot more sense. Those WITHOUT a security professional on staff would give you a blank stare. That remains an opportunity in the SMB and midmarket, particularly for those companies who don’t have internal security staff. The data DOES show the importance – those in the know are moving this way.

Let’s also highlight the insurance industry reaction. The chatter continues to be how unsustainable that industry finds the current situation. Even without regulatory action, IT providers’ insurance will go up, and the audits will continue to increase. Better plan for that.