Secure your knowledge. Newsletter - August 2023
Welcome to our August newsletter where we showcase our latest blog focusing on the banking world and the imminent threat the industry is facing. The team reviews the latest cyber attacks across the healthcare and retail industries, we provide a product focus on Web Application Firewall (WAF) and API Protection (WAAP), and our cyber tip of the month focuses on PGP Email Security. ??
Grab a coffee and read on below. ??
BLOG ??
Increased internet usage, online banking and digitalization in finance have made financial institutions vulnerable to cybercrime and cyber attacks.?Managing Partner, Patrick Gardner , discusses the latest cyber incidents facing the financial industry and how the costly impact on financial institutions. ??
Read the blog here
THE LATEST CYBER ATTACKS ??
A 40GB dataset allegedly belonging to CareSource , a public healthcare company, has been leaked, including sensitive information such as prescriptions and patient treatment details. It is believed the company fell victim to a ransomware attack, where malware is installed onto a computer and encrypts the data. ??
Clop, or Cl0p, and other ransomware groups have been targeting the healthcare sector, and business associates' vulnerabilities.
Patrick Gardner, C8 Secure’s Managing Partner, says: “This incident is deeply concerning but unfortunately not surprising. Ransomware attacks have seen a rapid escalation over the past few years, with healthcare companies increasingly becoming targets due to the sensitivity of the data they handle and the criticality nature of their services. This incident highlights the grim reality of how these threat actors are unafraid to compromise the private and sensitive information of patients, which can have serious real-life consequences beyond financial loss.
The continuation of Cl0p's activities after the arrest of key members illustrates the hydra-like nature of these cybercriminal networks; cut one head off, and two more seem to appear. As such, a collective effort from law enforcement agencies worldwide, alongside the private sector's investment in cybersecurity, will be critical in disrupting these networks.
Lastly, ransomware attacks are not always just about the ransom. The data exfiltration consequence means that even paying the ransom doesn't guarantee the incident is over. The best defense is still to prevent the breach in the first place.”
HRM Enterprises, owner of the US’s largest independent hardware store, was hit by a cyber attack where more than 40,000 customers’ credit card data was stolen. ??
It is believed that the ecommerce platform provider, Commerce V3, was breached and hence customer information was affected, which potentially included names, full payment card numbers, CVV codes and expiration dates.
领英推荐
Patrick Gardner, C8 Secure’s Managing Partner, explains: “The duration of the breach, lasting over a year, is particularly alarming. For a significant period of time, unauthorized access to critical systems went unnoticed, highlighting a serious gap in the organization's detection and response capabilities. Regular system audits, intrusion detection measures, and active threat hunting are essential components of an effective cybersecurity framework that can help identify and neutralize such threats promptly.
It's also concerning to see that CVV codes were compromised. This data is typically not stored by businesses following PCI DSS standards, indicating a potential compliance issue. Businesses need to adhere to these standards not only to avoid penalties but also to ensure they're doing everything possible to protect customer information.
Quite hypocritical that HRM is advising its customers to diligently monitor their accounts for fraudulent activity. You would expect an organization exposed under these circumstances to take responsibility and offer additional support, such as identity theft protection or credit monitoring services, especially when the breach involves payment card information.”
CYBER TIP OF THE MONTH ??
Topic: PGP Email Security - add an additional layer of security to your sensitive emails.
In the wake of the recent Chinese email hacking incident involving Microsoft Azure, it has become more critical than ever to ensure you have a robust email security posture. This month's tip focuses on an option to better secure your sensitive emails, featuring Pretty Good Privacy (PGP) encryption. While PGP encryption isn't immune to hacking, it can add a significant layer of security that makes unauthorized access to the contents of an email far more challenging. ??
PGP encryption works by encrypting the contents of an email using a public key that is freely shared. The encrypted email can only be decrypted by a private key, which is kept secret and secure by the recipient. This method ensures that even if a hacker intercepts the email while in transit or gains access to the email server where it's stored, they won't be able to decipher its contents without the private key.
This doesn't mean PGP can prevent all types of attacks. If a hacker uses sophisticated phishing tactics or exploits software vulnerabilities to gain control of the recipient's computer or access to the private key, the PGP encryption can be bypassed. Therefore, PGP should be used as part of a comprehensive cybersecurity strategy, not as the sole means of protection.
In the case of the Microsoft Azure incident, where attackers were reportedly able to access emails, had those emails been encrypted with PGP and the private keys properly secured, the contents of the emails would likely remain confidential despite the breach. This is because the attacker, although having access to the emails, would not have the necessary private keys to decrypt them.
However, as always, email security is dependent on multiple factors, and all aspects from encryption to user awareness and behavior should be considered for a robust security approach.
PRODUCT SHOWCASE ??
Over a quarter of all cybersecurity breaches involve web applications, so having a robust Web Application Firewall (WAF) and API Protection (WAAP) in place is essential to mitigate the growing number of threats. ???
C8 Secure has a unique, fully-owned and managed cloud WAF/WAAP solution, hosted in?Continent 8 Technologies?data centers across locations in Asia, Europe and North America. ??
We understand the issues that put enterprises at risk. Our high-performing and low latency, off-net and on-net protection provides improved performance and full protection against OWASP Top 10 threats, zero-day attacks, API and BOT protection. ??
Learn more about C8 Secure at www.c8secure.com