Weekly Cybersecurity Recap May 6
Table of Contents
- By Patrick Ryan
- May 06, 2022
We are only four months into the new year, and cyber-attacks are soaring to record levels. As detailed below, businesses in all sectors are enduring digital offensives ranging from hackers transmitting ransomware to those embedding malware, conducting phishing scams, launching DDoS attacks, and more. Here's a quick recap of some of the week's top hacks and a look at the most important data and statistics pertaining to digital attacks in the year gone by, as reported by Constella Intelligence.
Kellogg Community College Ransomware
A ransomware attack levied against Kellogg Community College has caused the academic institution to suspend classes as well as online activities. Classes and other activities were halted at nearly half a dozen campuses. The ransomware attack disrupted the lives of 8,000+ students. Though there is the potential for classes to resume in the week ahead, the attack has caused significant disruption as final exams approach.
Kellogg's brass is leaning on IRT professionals to thwart the attack and bring the college's campuses and systems back online for the resumption of classes and operations. Kellogg responded to the attack by heightening its digital security defenses and forcing students, professors, and staff members to reset their passwords. All systems will remain offline until Kellogg's IT department declares it is safe to resume online classes and other activities.
The Return of Emotet Malware
Emotet malware attacks are rearing their ugly heads once again. The Emotet botnet is now using an updated delivery method to target computers with Windows operating systems. The disabling of VBA macros has set the stage for the new attacks after Emotet's 10-month absence. Emotet's new attack strategy centers on the use of harmful phishing emails to infect computers with malware. Emotet hackers then use a botnet to control the compromised devices.
Record-Setting DDoS Attack Halted
Cloudflare has thwarted a massive DDoS attack launched against one of its clients. The distributed denial of service attack launched slightly more than 15 million requests per second. Cloudflare defeated the attack before it could cause any harm. All in all, the DDoS attack lasted only 15 seconds. Thankfully, the infusion of malicious traffic transmitted from a botnet did not surpass the network capacity. Cloudflare states nearly one-fifth of the harmful traffic stemmed from Indonesia, with the rest of the traffic emanating from data centers scattered across nearly half a dozen countries.
Constella Intelligence Report Takeaways
Constella Intelligence recently issued a digital security report of note. The report covers the state of the digital security industry, highlighting cyber-attacks and providing insightful statistics.
The trends and statistics in the report show the breach economy is expanding with each passing year. Constella's digital security specialists note the financial, healthcare, energy, and telecommunications industries have been attacked more frequently than other industries. More than 65,000 online security breaches took place in 2021.
About 40 billion personal accounts were viewed or stolen during the year gone by. Constella reports much of that stolen information was placed on the dark web for purchase and subsequent use for identity theft. It is also concerning to note that Constella's Breach report notes the going rate for stolen information sold on the dark web is 100% higher than in previous years.
Add in the fact that about one-third of digital security breaches in 2021 occurred in a company within a critical infrastructure industry, and there is even more cause for concern. It is also worth noting that more than 13,000 breaches occurred at the companies that make up the popular Dow Jones stock exchange in the past year, culminating in the exposure of more than 10 million employee records.