Cyber Security Newsletter Week 1


Scottish firms 1 in 2 chance of cyber attack


Businesses in Scotland face a one-in-two chance of a cyber security breach, and the severity of these are getting worse. What’s happened in 2021 is the severity of the impact of cybercrime has worsened. Irelands
Health Service was forced to cancel operations and maternity services after being hit by a similar attack to the Scottish Environment Protection Agency (Sepa), which cost the business millions and was a serious attack. While these large-scale attacks make the headlines, there is a different side to cyber-attacks. Rather than aiming at large bodies, small and medium- sized enterprises (SMEs) and individuals are also targets.
“Phishing” cyber scams which have occasionally hit the headlines in the pandemic, with texts purporting to be from the NHS asking for a fee for a vaccine, for example.


Solutions:

• Phishing Prevention- End-point protection,
• Vulnerability Scanning,
• Consultancy Service

CMA CGM Cyber-attack crushed

CMA CGM S.A. is a French container transportation and shipping company. CMA CGM Group has secured its systems against a recent cyber-attack. Following the cyber-attack, a limited leak of contact information related to some customers was detected on one of the Group’s mobile apps. Operations are unaffected. The leak concerns limited personal data of our customers first and last names, employer, position, business email address and phone number. This is the second cyber-attack on CMA CGM Group in less than a year. The Group was also targeted last September. Confidential information related to commercial contracts, bank details and other information with CMA CGM has remained completely secured.

Solutions:
• Vulnerability Scanning/ Penetration Testing
• Email Security and Awareness Mimecast
• Data Protection

Check your afternoon emails, its scammer time!

Not only do scammers use spear-phishing attacks to target certain industries, but they do so at a specific time. Research shows that gone are the days of sketchy attachments, the age of shady links has come. An analysis of over 2 million phishing emails by human layer security company Tessian shows that contrary to popular belief, scammers avoid marketing tactics. Most malicious emails are delivered between 2 PM and 6 PM, with very little fluctuation day-to-day, except for the weekend. The report claims that this is no accident. After looking into millions of emails sent over 12 months from July 2020 to July 2021, researchers found that most phishing emails land at 2 PM when most employees are focused on afternoon coffee. The next peak in activity comes close to 6 PM, with scammers hoping that the last email of the day will not receive as much scrutiny as it should. 44%, of malicious emails were designed to lure employees into clicking shady URLs. Interestingly, however, 12% of emails analyzed contained neither attachments nor links.

Solutions:
• Vulnerability Scanning
• Email Security and Awareness Mimecast
• End-point protection.

Check 3.8 million Clubhouse and Facebook user records were put for sale online

A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion user records. The database was allegedly compiled by combining 3.8 billion phone numbers from a previously scraped Clubhouse ‘secret database’ with users’ Facebook profiles. The compilation appears to include names, phone numbers, and other data. The poster is asking $100,000 for the full database of 3.8 billion entries but is also willing to split the archive into smaller portions for potential buyers. The database also contains profiles of users who don’t have Clubhouse accounts, whose phone numbers might have been acquired by threat actors due to the company’s past insistence that users share their full contact lists with Clubhouse to use the social media platform. The scraped Clubhouse phone numbers, which were posted without any additional information about the users, were practically useless to threat actors. As a result, the previous Clubhouse scraped was marked as a ‘bad sample’ on the forum and failed to spark any interest from scammers.

Solutions:
• Website/ Email Protection
• Data Protection/ DDoS Protection
• Awareness Training

Cyber Threats result in 60% increase in cyber intelligence

Record breaking levels of intelligence sharing across all regions occurred due to large-scale threats; These areas include North America, Latin America, Europe and the UK. Cyber attacks on the financial sector have soared by 60% from August 2020 to August 2021 caused by supply chain and ransomware threats. Sharing intelligence, following appropriate remediation and best practices with peers and counterparts is fundamental to staying ahead of emerging cyber threats.

Solutions:
• Cyber Consultancy Awareness Training
• Ransomware Protection
• Risk Management

Major US port Target of attempted cyber attack

The Port of Houston, a major U.S. port, was targeted in an attempted cyberattack last month. The attempted hack involved a password management program called ManageEngine ADSelfService Plus. the Cybersecurity and Infrastructure Security Agency along with the FBI and the U.S. Coast Guard said that the vulnerability in the software creates a serious threat to critical infrastructure companies, defense contractors, and others. This comes as some major U.S. companies such as Colonial Pipeline and JBS USA have experienced similar ransomware cyberattacks in 2021. The recent high-profile attacks against Colonial Pipeline and JBS Foods highlight that operational technology (OT) — the devices that drive gas flows and food processing, along with essentially all other machine-driven physical processes — does not need to be directly targeted to be shut down as the result of a cyber-attack.

Solutions:
• Vulnerability Scanning,
• Awareness Training,
• Ransomware Protection.