Cybersecurity News of the Week, May 3, 2020

SecureTheVillage Calendar

IT and Cybersecurity Professionals Cinco de Mayo Happy Hour. May 5 @ 4:30 pm – 5:30 pm

Leadership Council Happy Hour. May 6 @ 4:30 pm – 6:00 pm

TownHallWebinar: The Law on ESI Spoliation Sanctions, Complimentary CLE Webinar from Leadership Council Member Driven. May 13 @ 2:00 pm – 3:00 pm

TownHallWebinar: Securing Your Home and Family (Part 1). May 14 @ 10:00 am – 11:00 am

Personal Cyber Security with Dr. Steve Krantz. May 26 @ 1:00 pm – 2:30 pm, Calabasas Senior Center, Calabasas, CA

Financial Services Cybersecurity Roundtable: Current Financial Services Threat Landscape. June 19 @ 8:00 am – 10:00 am

SecureTheVillage In The News

Cyber Hero Stan Stahl Brings Community to Cybersecurity: LOS ANGELES, April 28, 2020 /PRNewswire/ — This is another installment in SynED’s series to highlight cyber heroes who quietly go above and beyond in helping to secure our nation and communities. … No matter how sophisticated technology becomes, solving problems related to cybersecurity will require human innovation and connection. These themes run throughout Stan Stahl’s work in the public and private sectors and fuel his passion for cybersecurity education. PR Newswire, April 28, 2020

Individuals at Risk

Cyber Defense

COVID-19 prompts DHS warning to review Office 365 security: Heads up, Microsoft Office 365 users: It’s time to take some important steps in securing your account. The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released some recommendations to help secure the online productivity service. NakedSecurity, May 1, 2020

Cyber Danger

Online gamers at risk from cheats as malware authors develop “cheating” apps: Hyper-competitive online gaming has led to a ready market for cheats. But security experts warn that the skills involved with crafting cheats can easily be used for developing and selling malware. ZDNet, April 30, 2020

New Android Ransomware Threatens FBI Action Unless You Hand Over Credit Card Details: Most ransomware criminals demand their victims send cryptocurrency payments, typically in Bitcoin or the harder-to-trace Monero. A new strain of mobile ransomware targeting Android devices prefers good old credit cards. Forbes, April 30, 2020

Coronavirus-themed malware intensifies across the world: Such threats continued to spread in April and are likely to be the new norm, at least until the pandemic subsides, according to Bitdefender. TechRepublic, April 30, 2020

Information Security Management for the Organization

Information Security Management and Governance

7 Cybersecurity tips for small businesses – especially those with remote workers: SMBs must adapt their security practices for remote workers, but implementing these cybersecurity tips is a good idea even when people go back into the office. ZDNet, May 1, 2020

How Organizations Can Ramp Up Their Cybersecurity Efforts Right Now: Prior to Covid-19, most companies perceived their worst-case cybersecurity scenario as a computer virus that would shut down company computer systems. In fact, just the opposite happened: a human virus has forced virtually entire workforces online, making companies more reliant than ever on their systems. The stakes of protecting those systems from a cyberattack could not be higher. In the words of the old American Express commercial: “What will you do? What will you do?” HBR, May 1, 2020

The new cybersecurity resilience: Is your cybersecurity posture resilient enough to survive a pandemic? You’re about to find out. Teri Robinson reports. SC Magazine, May 1, 2020

MSPs / IT Vendors are the Latest Ransomware Target … Is your MSP / IT vendor putting you at risk? … New study says ransomware downtime costs are typically 23 times greater than the ransom requested: Ransomware is costing businesses—in ransom, yes, but also in downtime, the cost of which is typically 23 times greater than the ransom requested. The attacks are affecting large organizations and cities including Atlanta and Baltimore. Cybercriminals aren’t just attacking end-users; MSPs are the latest on the hit list. Security Magazine, April 29, 2020

Cybersecurity in the C-Suite & Board

Understanding the CFO’s Cybersecurity Role in the Age of COVID-19: Senior executives understand that today’s global economy is still not adequately protected against cyberattacks, despite years of effort and multi-billions in spending each year. Until recently, many chief financial officers (CFOs) may not have been considered an essential part of an organization’s security team. And many may not have understood how to respond to security risks and the implications for their organizations. SmartBrief, May 1, 2020

More than 1,000 companies have listed ransomware in SEC reports as a credible and potential future risk for their operations: A growing number of public companies are now listing ransomware as a forward-looking risk factor in documents filed with the US Securities Exchange Commission. ZDNet, April 30, 2020

Cyber Warning

A weak administrative account password without multi-factor authentication opened the door to a massive LockBit ransomware attack: You’ve probably never heard of LockBit, but that’s likely to change. ars technica, May 1, 2020

Microsoft Teams Impersonation Attacks Flood Inboxes: Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins. ThreatPost, May 1, 2020

Phishing Campaigns Target Senior Executives via Office 365: A highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. BankInfoSecurity, May 1, 2020

Cyber Talent

Council Post: Four Ways Employers Can Find Top Cybersecurity Talent: Recruiting cybersecurity professionals is a challenge. There are several reasons for this. First, the demand is great, so the competition is fierce. A study by ISC2 found that 46% of cybersecurity professionals are contacted weekly by recruiters, regardless of whether they are actively looking for a job. Meanwhile, 18% of cybersecurity professionals not seeking a new job receive calls daily from recruiters. Forbes, May 1, 2020

Only 41% of Cybersecurity Teams Can Securely Work Remotely: New research by ISACA has found that only 59 percent of cybersecurity teams are equipped to perform their jobs effectively while working from home. InfoSecurity Magazine, May 1, 2020

(ISC)² Survey Finds Cybersecurity Professionals Being Repurposed During COVID-19 Pandemic … 47% of respondents have been temporarily taken off security duties to assist with IT-related tasks as organizations move to remote work: Clearwater, FL, April 28, 2020 – (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals – today released the findings of a survey in which 256 cybersecurity professionals shared insights into their current work situations during the first several weeks of the COVID-19 pandemic. In the (ISC)² COVID-19 Cybersecurity Pulse Survey, 81% of respondents, all responsible for securing their organizations’ digital assets, indicated that their job function has changed during the pandemic. 90% indicated they themselves are now working remotely full-time. Security Boulevard, April 28, 2020

Cybersecurity in Society

Cyber Crime

New Ransomware Survey by Coveware. Average Business Payout Surges to $111,605. Majority of attacks target small and midsize businesses. Professional Services most frequently targeted. RDP & email top attack vectors: The average ransom paid by victims to ransomware attackers reached $111,605 in the first quarter of this year, up 33% from the previous quarter, reports ransomware incident response firm Coveware. In addition, every attacker now typically demands a ransom payment only in bitcoins. BankInfoSecurity, April 30, 2020

Hackers publish pharma giant’s data after ransomware attack: U.S. pharmaceutical giant ExecuPharm has become the latest victim of data-stealing ransomware. TechCrunch, April 27, 2020

Know Your Enemy

Dreambot malware operation goes silent: Dreambot backend servers have gone down and no new samples have been spotted for weeks. ZDNet, May 1, 2020

5 ways COVID-19 is reshaping the cybercrime economy: As the COVID-19 pandemic pushes the above-ground economy to the brink of a major recession, the cybercrime economy appears to still be hard-charging ahead. And yet, the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalize on global fears, as well as dramatic shifts in supply and demand. SC Magazine, April 30, 2020

How Cybercriminals are Weathering COVID-19: In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market their cybercriminal wares and services. But it’s not all good news: The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals. Here’s a look at how they’re adjusting to these new realities. KrebsOnSecurity, April 30, 2020

Cyber Freedom

The Cybersecurity 202: County election officials detail massive costs of remote voting: State and local officials are facing a mountain of new costs as they prepare to hold elections during the coronavirus pandemic — and money provided by Congress so far doesn’t come close to covering it. Washington Post, May 1, 2020

Cyber Research

CTO Perspective: Machines Protecting Themselves – The Future of Cybersecurity: In Louis Columbus’s article, “Machines Protecting Themselves Is The Future Of Cybersecurity,” he proposes that modern cybersecurity breach attempts are succeeding in misdirecting human responses, which creates a great need for machines to be able to protect themselves. Security Boulevard, April 30, 2020

Cyber Policy

The U.S. Chamber of Commerce’s International Cyber Law Project is an online reference tool that maps the cybersecurity and cybersecurity-related policy landscape in select countries: Sophisticated cyber intrusions — whether they’re ransomware attacks that shutter hospitals or theft of a multinational corporation’s data — make for headline-grabbing news. But as we have seen with the current COVID-19 crisis, neither pandemics nor cyberattacks respect international borders. No single country, no matter how powerful, can defeat these threats alone. What’s needed is effective preparation, threat mitigation, and prompt responses. US Chamber of Commerce, May 1, 2020
