Cybersecurity Without Insanity? It could be as simple as 3 – 2 – 1…

This week: This week is a big one in the cyber security world, as the 2023 Verizon Data Breach Investigations Report has just been published. I’ll talk about its key findings next week (but here’s a sneak peek – “74% of breaches involve the human element”). In the meantime, news about a cyber attack on Mazars in Brazil, how 0.1% of emails may be the cause of 66% of all breaches, and the 5 most common ways that Irish people are fooled by cyber criminals.


3 – Mazars in Brazil is hit by ransomware

“Russia-linked ransomware syndicate ALPHV/BlackCat claims to have stolen sensitive data from [the Brazilian arm of] Mazars Group. A post on the gang’s dark web blog says that crooks took over 700 GB of data, including agreements, financial records, and other sensitive information.”

This is according to a recent report in CyberNews, and shared by Secure The Village. Mazars has confirmed that Mazars in Brazil was “a recent target of a cybercrime”, although it has not confirmed the nature of the crime or the criminal gang involved. It says that its independent IT infrastructure prevented the attack from spreading to other Mazars entities worldwide, so client data outside of Brazil remained unaffected. Independent forensic experts identified the scope and root cause of the breach, and Mazars is now working closely with impacted clients. It is also using the lessons from this incident to enhance cybersecurity measures across all of the entities in the group.

Key takeaway: Mazars describes itself as a “single, united, and connected partnership”. Fortunately, it appears the IT infrastructure is separated (aka ‘segmented’), so an incident in one part of the enterprise is less likely to spread. Segmentation can be a very effective security measure, as the HSE (Ireland’s national health service) only learned after it was attacked.


2 – Spear phishing emails: 0.1% of all emails sent, but responsible for 66% of all breaches

“In an analysis of 50 billion emails across 3.5 million mailboxes, Barracuda researchers uncovered nearly 30 million spear-phishing emails. While these emails make up less than 0.1% of all emails sent, they are responsible for 66% of all breaches.”

This is according to research published by Barracuda Security, and recently mentioned by KnowBe4. Spear phishing is described there as “a social engineering attacker [using] personal or confidential information they have learned about a potential victim or organization in order to more readily fool the victim into performing a harmful action.”

It also gives some excellent examples, including:

  • The attacker figures out the names of your colleagues (e.g. using LinkedIn), and then mentions these names in their email to you. Because they seem to ‘know’ your colleagues, you are more likely to trust them.
  • The attacker sees that your company is merging with another company, and pretends to be someone working on the merger. Because you are still learning about the new people and third parties that are involved, you are more likely to accept that this is just one more new person introducing themselves.

Another key difference between spear-phishing and ‘standard’ phishing is the urgency. While standard phishing emails try to get you to act urgently, a spear phishing attacker may bide their time to build trust, so their eventual attack is more likely to succeed.

Key takeaway: Phishing emails are getting better. Is your staff training and awareness keeping up?


1 – Five of the biggest financial frauds targeting people in Ireland – and how to avoid them

Mandatory Covid tests, Brexit customs charges, overdue toll charges, compromised bank cards, and finding somewhere to rent: The five topics most commonly used to fool Irish people into handing over their money.

This is according to a recent report in the Irish Independent. As mentioned in the report, the Gardaí (Ireland’s police force) have stated that reports of account takeover fraud (where a criminal gains access to your bank account and quickly drains it dry) have increased by 560% since 2019. Some of these frauds involve low-tech steps as well. For example, criminals have been known to send innocent taxi drivers to collect the bank card of someone who has been fooled by one of their fraudulent emails.

Key takeaway: If you receive a message that requires immediate attention, give it your immediate (and undivided) attention. But don’t immediately move from [attention] to [action]. Think before you act.


PS I talk about these news stories, and delve into how to manage cyber risks and regs without losing your sanity, on the “Cybersecurity Without Insanity” podcast.
All episodes are accessible from https://www.codeinmotion.ie/podcast
or wherever you get your podcasts.