Press "Enter" to skip to content

Ransomware as a cover for data breach as FBI warns Olympians

Financial services was the sector most targeted by malicious actors during the third quarter of 2021, seeing 22% of ransomware detections and 37% of advanced persistent threat (APT) detections – most of it linked to groups backed by Beijing and Moscow.

According to a newly released threat research report compiled by Trellix, a new cyber company formed in January 2022 out of what was McAfee Enterprise and FireEye. It found that publicly reported incidents in the financial services sector increased by 21% between July and September 2021 compared with the previous three months.  That from Computer Weekly.

One in seven ransomware extortion data leaks reveals business-critical operational technology data, researchers from Mandiant Threat Intelligence reported.

66% of organizations plan to increase their zero-trust spending, particularly around micro-segmentation initiatives. However, a lack of relevant expertise and stakeholder buy-in still poses challenges.   This is the verdict of a report compiled by Forrester analysts on behalf of zero-trust segmentation specialist Illumio, which also finds the majority of respondents, 78%, said they planned to bolster their zero-trust ops this year. Still, only 36% have already started this process – and just 6% have achieved what could be termed full implementation.

In research from Anomali, 87% said that their organizations were victims of successful cyberattacks sometime over the past three years. In this case, a successful attack is one that causes damage, disruption, or a data breach. Since the pandemic started almost two years ago, 83% of those polled have experienced an increase in attempted cyberattacks, while 87% have been hit with a rise in phishing emails, many of them exploiting coronavirus-related themes.

A new twist on hacking – per researchers at Cybereason, Iranian hackers are targeting a range of organizations around the world in campaigns that use previously unidentified malware to conduct cyber-espionage actions and steal data from victims – and in some cases, the state-backed attackers are also launching ransomware in a dual effort to embarrass victims and cover their tracks.   That from ZDNet.

And with the Olympics starting tomorrow, the FBI has been advising athletes to take burner phones to the games. The FBI advised athletes traveling to Beijing this month and those competing in the Paralympics in March to bring a temporary cellphone with them in place of their regular device in preparation for the risk of cyberattacks. Such attacks could include ransomware and malware, data theft, and distributed denial of service attacks, among others, according to the bureau.

Why do we care?

The Olympics story is here because of awareness – the Games will be loud when viewed from a media coverage perspective. The idea of athletes needing to secure devices will likely have some broad penetration.    

That’s actionable to have a discussion about data privacy for sure.     

I wanted to note the strategy of those Iranian hackers – malware to cover up the data theft.    With the data itself having value, it’s not hard to see why.    Safe to assume that may be happening in most cases, too, mainly since double extortion is more and more commonplace.