The big business of cyber attacks and breaches just keeps getting bigger. Bad actors are multiplying and preying on businesses big and small with insecure data and outdated security practices. At just the halfway point in the year, here are the top cyber attacks in 2022 AND how you can avoid them.
Third-party vendor of Red Cross is hacked. An attack on a third-party contractor compromised more than half a million records, including documents that the Red Cross classified as highly vulnerable. Red Cross servers had to be disabled to stop the attack and investigate.
Require any third-party vendors to have cybersecurity protocols that are as good, if not better, than your own. Typically, you are partnering with a third-party because they have more efficient resources than you could afford to manage in-house. Make sure to hold them accountable to proper cyber protection and insurance if applicable.
Ronin gaming platform attacked twice in four months. Ronin was experiencing increasing popularity and dialed back security protocols so its servers could handle a growing audience. That allowed bad actors in, twice, who stole $600 million of cyrptocurrencies.
Never compromise your security stack and protocols. Even if your business isn’t growing, attacks most definitely are. You should be assessing your security posture annually (at least) and making sure you are updating applications and deploying patches as often and as quickly as offered. As your business grows, whether by capacity needs or new technology, make sure your security stack aligns with that growth.
Hacking group cracked FlexBooker servers AND installed malware. FlexBooker is an appointment management business and the vast attack affected around three million of its users whose confidential data was stolen and offered for sale on the dark web. The malware allowed the hackers more time and more access into FlexBooker’s infrastructure.
Your server(s) hold SO much valuable data to your business. It is essential they are protected with daily backups, a trusted antivirus program, and scanned regularly for suspicious activity. Advanced detection and response. Security awareness training is essential! Malware is most likely to be deployed through an unaware email link or attachment click. Make sure your employees are diligently protecting your businesses through their daily work is critical to your overall security posture.
Disgruntled former employee breached Cash App servers. Personally identifiable information including customer names, stock trading information, account numbers, portfolio values, and other sensitive financial information was stolen.
Programs like zero-trust software can help assign job-level restrictions within your network and help avoid an employee accessing a file or application they shouldn’t. Make sure you have documented employee termination procedures (including turning off access and updating passwords), and act on those quickly to help avoid former employee mischief.
There is a LOT to keep up with to protect your business, big or small, from bad actors. Pearl Solutions Group helps businesses with 30-300 technology users implement, manage, and protect their IT infrastructure. Start with a free self-assessment to see where you may have gaps. Learn more about how we help and what resources are available to you.
