This Month in Cyber Security: January 2021 (2:42)

by | Jan 26, 2021 | Security

If 2020 taught us anything, it’s that cyber threats await us around every corner. Even though every threat may not be relevant to you, it’s crucial to understand them. Peters & Associates hosts 30-minute cyber security webinars every month to breakdown the threat landscape and help breakdown their applicability to SMBs. This month we discussed threats related to the SolarWinds breach, Staying Safe, and developments in the ever-present threat of ransomware.

SolarWinds

As you may know, the Orion suite of SolarWinds suffered a major breach (SUNBURST). This breach left an estimated 18,000 customers exposed to malicious code. The impacts of this breach are still reverberating through the cyber security world. In response to this threat, the Cybersecurity and Infrastructure Agency (CISA) developed a tool named Sparrow. This tool has been designed to detect 12 indicators of compromise (IOC) directly related to the SolarWinds breach. Infrastructure and cybersecurity vendors, like Cisco, have integrated the Sparrow tool into their toolsets. At Peters & Associates, we have used this guidance from CISA and integrated these detection methods with our Security Review for Office 365. Our updated tool will search your Office 365 environment for these IOCs and notify you in the report. To learn more about this tool, please check out our Security Review for Office 365 webpage. Read about the SolarWinds breach here. In the wake of the SUNBURST attack, the NSA  advised on the prevalence of these attacks and how they are targeting other organizations.

Staying Safe

In addition to sharing the SolarWinds story with you, we also discussed evolving threats. One threat that is on the rise is vishing. Vishing is a method of phishing, that integrates human voice into a phishing scam. Cybercriminals will call victims letting them know an account of theirs has been compromised. They will then direct victims to a seemingly harmless website, which is actually a phishing website. The victim will be asked to log in, and when this is done, the account becomes compromised. Learn more here. Another attack circulating is targeting the COVID-19 vaccine supply chain. Similar to attacks that appeared early in the pandemic in which we saw fraudulent COVID-19 websites preying on people desperate for information; criminals are now launching phishing attacks and malicious websites targeting organizations that are critical in the vaccine supply chain. You can learn more about this scam here. Finally, in this section, it is also important to note a few things regarding Microsoft:

  1. Patch Tuesday was ranked 8.8/10 on importance, make sure you patch your systems.
  2. Windows 10 (19.03) will be going out of service in March. Upgrade to Windows 10 20H1 or 20H2.
  3. Flash Player will no longer be patched, either remove this from you browser or update to the latest version.

If you have any questions about the above mentioned, please reach out to us at info@peters.com

Ransomware

Every month we discuss the latest developments in the ransomware space. We feel this is important because these criminals are constantly evolving their methods. This month in cyber security, we noted that these criminals are more aggressive than ever. Ransomware “gangs” are now threatening to expose sensitive data, documents, and other information on the dark web or to broadcast the information publically. At Peters & Associates, we highly recommend following the 3-2-1-1 method. This method will help you to secure your backups and restore your data, should you encounter a ransomware attack. Please check out our backup and recovery page to learn more. If you have any concerns about cyber security, give us a call at 630.832.0075, or email us at info@peters.com. We are here to help you better understand the threat landscape and protect your business. Download the PDF slide deck here. Watch the full recording here. Watch the short recap below: