Annapurna Cybersecurity Advisors

The CrowdStrike outage of late July has reportedly caused an estimated $5.4 billion for affected Fortune 500 companies. In addition, almost all airlines were affected, causing another $860 million in estimated losses. Parametrix researchers note that the impact to software and similar industries will likely cause a ripple-effect for companies beyond the Fortune 500. A report from Parametrix advises cyber insurers and risk assessors to "concentrate on mapping, managing and assessing cloud-based service provider exposure." https://lnkd.in/gHiFx-2E

Microsoft 365 and Azure were hit by a worldwide outage on Tuesday, July 30 2024. This comes just two weeks after the global CrowdStrike outage. The incident, which lasted over 10 hours, impacted thousands utilizing a variety of Microsoft services including Microsoft 365 Admin Center, Entra, Intune, and more. Microsoft assures users that Microsoft Teams, OneDrive, Sharepoint and Exchange Online were unaffected. The trigger event is said to have been a Distributed Denial-of-Service (DDoS) attack. The incident is believed to have been exacerbated due to a network infrastructure issue, and customer data does not appear to have been compromised in any way. #microsoft #cybersecurity #familyoffice https://lnkd.in/gnD5izs7

CrowdStrike is a massive cybersecurity company that does business worldwide, investigating major hacks and selling antivirus software. On Friday morning, an outage was caused by "a defect found in a single content update" according to CrowdStrike CEO George Kurtz. The issues are NOT linked to a malicious cyberattack, but are impacting millions. Prominent cybersecurity consultant, Troy Hunt claims that this will be the largest IT outage in history, with the impact having a huge effect on public services and industries. Airports around the globe have seen delayed and canceled flights and hospitals in the UK have been impacted. Currently, CrowdStrike has a workaround explained here: https://lnkd.in/gtZQ5TD4 #cybersecurity #familyoffice

AT&T has revealed that cybercriminals have stolen phone and text records of almost 110 million customers in a cyberattack. AT&T claims that "the stolen data does not contain the contents of calls or texts", but that the leaked data contains call and text records. Along with records, the approximate location can be determined based off of the cell site identification numbers. The data breach has been linked to Snowflake, the cloud data company. Snowflake has been linked to other recent breaches, such as TicketMaster. Snowflake has blamed the customer (in this case, AT&T) for the breach, claiming that multi-factor authentication was not used to secure accounts. Snowflake however, does not require or enforce the security method. AT&T has been reaching out to affected customers as of July 12. #cybersecurity #familyoffice https://lnkd.in/g3hQAaFN

An Australian man running fake Wi-Fi a access point during a flight has been charged. The unnamed man's goal was to steal user credentials and data, according to Australian Federal Police. Users who connected to the malicious network were shown fake login screens for social media sites and prompted for login, giving their credentials to the bad actor. This underscores the importance of using a private VPN on any public Wi-Fi network. https://lnkd.in/eW_nw7EV #cybersecurity #familyoffice

The United States Department of Commerce's Bureau of Industry and Security (BIS) has officially banned Russian antivirus provider, Kaspersky Labs. The BIS states that the company's continued operations pose a national security risk due to the Russian government's influence on the company. Starting on July 20, Kaspersky will no longer be allowed to sell its software to American customers and support for the software will discontinue on September 29. Kaspersky has also been added to the "Entity List", which is described as a "compilation of foreign individuals, companies and organizations deemed to be a national security concern." This is currently a developing story, but users of Kaspersky have been advised to search and implement an alternative during the 100-day period provided. #cybersecurity #familyoffice https://lnkd.in/dGSCXcVt

Chinese state-sponsored threat actors gained access to 20,000 Fortinet systems over the course of 2022 and 2023. The impact of this exploitation has had a wider impact than previously thought. The campaign targeted the systems of Western governments, international organizations and companies in the defense sector. This builds on an advisory from February, which found that the hackers gained access to a computer network used by the Dutch armed forces. This development highlights the trend of cyber criminals targeting key network infrastructure and highlights how critical it is to keep key infrastructure up to date. Do you know if you have Fortinet products? And if so, do you know who is responsible for keeping them up to date? #cybersecurity #familyoffices https://lnkd.in/gDKt-dUu