In today’s digitized operating environment, a business is only as good as its cyber defenses.
And with Change Healthcare reportedly facing a new ransomware attack following an earlier massive breach in February, while Roku disclosed to its customers Friday (April 12) that 591,000 accounts were impacted by two separate cyberattacks, securing their cyber perimeters and locking down vulnerable attack vectors is increasingly top of mind for modern enterprises.
This, as the U.S. government has announced that a past data breach at Microsoft “presents a grave and unacceptable risk” to an undisclosed number of federal agencies.
Per an emergency directive issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), “The threat actor is using information initially exfiltrated from the corporate email systems, including authentication details shared between Microsoft customers and Microsoft by email, to gain, or attempt to gain, additional access to Microsoft customer systems … and has increased the volume of some aspects of the intrusion campaign, such as password sprays, by as much as 10-fold.”
The CISA has directed all affected federal agencies and those whose authentication processes have potentially been compromised to identify the full content of the agency correspondence with compromised Microsoft accounts and perform a cybersecurity impact analysis that includes taking immediate remediation action for tokens, passwords, API keys or other authentication credentials; as well as resetting credentials in associated applications and deactivate those associated applications.
After all, as the Microsoft incident shows, an organization’s cyber defenses span far beyond just its own firewalls. Attack vectors in today’s landscape are increasingly likely to be compromised through intrusions across B2B vendors and third parties, making mitigating supply chain cyber risks an imperative for modern enterprises.
Read more: Attack Vectors 2024: Scaling Effective Cyber Hygiene Throughout Your Business
Cyber-attacks targeting businesses are evolving constantly, making it critical for organizations to stay atop of the latest risks populating the threat landscape. In a password spraying attack, like those stemming from the Microsoft breach, bad actors deploy a list of previously stolen passwords, or try their hand with certain commonly used passwords, to gain unauthorized access to multiple accounts.
Unlike traditional brute-force attacks, where cyber criminals try multiple passwords for a single account, password spraying involves trying a few passwords across many accounts so as to reduce the risk of triggering account lockouts or detection by security systems.
In a credential stuffing attack, like the one suffered by Roku, bad actors use previously stolen username and password combinations to gain unauthorized access to user accounts on various online services. Cyber criminals typically obtain these credentials from data breaches on other websites and then try them on multiple other platforms, exploiting the tendency of users to reuse passwords across different accounts.
Insiders have repeatedly told PYMNTS that modern technologies like artificial intelligence (AI) could supercharge the capabilities of bad actors by providing turnkey and scalable cyber tools, including AI-generated voice clones and other techniques that can be used for nefarious purposes.
“We’ve always had social engineering attacks, but with the advent of AI, it’s much easier to create a bot that will have a credible conversation with a victim and convince many victims at the same time to share their credentials, transfer money, and do other things that they wouldn’t normally do,” Maciej Pitucha, VP of product and data at Mangopay, told PYMNTS.
Cyber tactics like phishing attacks, which can be highly targeted (spear phishing) or broad-based (mass phishing), often exploit psychological manipulation techniques to increase the likelihood of success.
And ransomware attacks, like those suffered by Change Healthcare, can have devastating consequences for businesses, leading to data loss, financial damage, and disruption of operations.
With these sorts of threats in mind, the bipartisan “Ransomware and Financial Stability Act” was reintroduced last week by House Financial Services Committee Chairman Patrick McHenry (R-N.C.) and Rep. Brittany Pettersen (D-Colo.)
On Tuesday (April 16), the House Financial Services Committee will be holding a hearing entitled “Held for Ransom: How Ransomware Endangers Our Financial System,” meant to help lawmakers understand the growing cyber threat landscape as well as inform policy development to mitigate and impede attacks.
See also: Cybercriminals Are Invading Corporate Inboxes: What Small Businesses Can Do
To mitigate the risk of cyber-attacks, businesses should consider approaches like implementing robust security measures, including regular software updates and patches, employee training on cybersecurity best practices, embracing multi-factor authentication as well as the encryption of sensitive data, and integrating the use of advanced threat detection and prevention technologies.
“The industry in fraud is shifting to real-time learnings because the fraudsters are now real-time. In cyberspace you have something called a zero-day attack, which basically means you’re going to get attacked on day zero, and you’re going to be attacked before you even know what the solution is. Because the bad actors are way ahead of you,” Shimon Steinmetz, chief financial officer at risk assessment and fraud prevention solution Vesta, told PYMNTS.
PYMNTS Intelligence found that 82% of eCommerce merchants endured cyber or data breaches in the last year. Forty-seven percent say the breaches resulted in both lost revenue and lost customers.
“The No. 1 thing that I would start with is good cyber hygiene,” Rosa Ramos-Kwok, managing director and business information security officer for commercial banking at J.P. Morgan, told PYMNTS in a December conversation.