{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
New figures from a leading insurance agency demonstrate just how serious of a threat ransomware has become. How attacks on industrial control systems have evolved. And DOJ teams up with the state of Virginia to pursue coronavirus scammers. This is CyberScoop for Monday, March 23.

Ransomware claims skyrocket

Beazley Breach Response services, a unit of the London-based insurance firm, said Monday that its clients reported 775 ransomware attacks in 2019, a 131% increase over the previous year. The spike was motivated by a combination of factors, including the increased accessibility of pernicious strains of malicious software, higher demands and the simple inability of enterprises to fend off phishing emails or protect remote desktop protocol technology. The numbers are the latest addition to a pervasive ransomware problem that has been difficult to quantify. Victims often do not report attacks to law enforcement, while extortion demands range from thousands to millions of dollars. Meanwhile insurers like Beazley are asked to cover ransomware claims, and typically keep their risk modeling and coverage decisions on such matters private. Jeff Stone has the full report.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Do some defense tools make life easier for ICS hackers?

FireEye on Monday released a study that will fuel the debate in the cybersecurity community about whether publicly available red-teaming tools do more harm than good. Researchers analyzed techniques, ranging from “fuzzers,” which help find weaknesses in software, to infrared tools that can be used to communicate with electric utility meters. Many of these programs can help network defenders. But the bottom line, for the FireEye researchers, is that access to these tools “lowers the barrier for a variety of actors” to develop customized attack methods. Here's the full breakdown.

DOJ, Virginia form anti-fraud task force focused on COVID-19

A new initiative from officials in the Justice Department and the commonwealth of Virginia is aimed at stamping out fraudulent activities that seek to profit off the growing pandemic caused by the novel coronavirus, including online scams that steal money from victims or install malware. The task force’s formation follows a prior memo from U.S. Attorney William Barr, ordering them to prioritize the prosecution of cybercriminals who attempt to exploit the public health crisis. Malicious activity from criminals and state-backed hackers invoking the coronavirus has already surged in recent weeks as the spread of the COVID-19 illness worsens. StateScoop's Benjamin Freed has the story.

No, the head of the World Health Organization didn't email you

Scammers are impersonating Tedros Adhanom Ghebreyesus, the director general of the World Health Organization, attempting to infect victims with malicious software, according to IBM's X-Force threat intelligence team. The messages appear to be urgent WHO alerts, even including personalized messages to recipients. Then, the message directs users to download an email attachment which includes the HawkEye malware, allowing outsiders to steal credentials and other data. "Speaking of prevention drugs and cures in an email that is spoofed to appear directly from the director of the WHO in this current situation is expected to be highly successful," IBM noted. Here's the full report.

Ransomware strikes a equipment supplier in the Midwest

Hackers stole a small trove of data belonging to a third-party vendor that supplies utility equipment to power plants in Missouri. LTI Power Systems, an Ohio firm that provides power supplies and temporary backup equipment to two power plants, had information dated from 1996 through 2017 included in a ransomware server seen by reporters. Ameren Missouri, which operates the power plants in question, told St. Louis Public Radio it has no indication the stolen data is crucial to its operations. It's the latest proof that hackers are trying to use third-party vendors as a gateway into more valuable targets. St. Louis Public Radio broke the story.

Those points programs are a ripe target

Akamai’s Director of Security Technology & Strategy Tony Lauro talks with CyberScoop Editor-in-Chief Greg Otto about hackers’ attempts to crack open customer loyalty programs and what enterprises can do to stop it. “A lot of it’s about the build process,” Lauro told Otto at the 2020 RSA Conference. Watch the full video here.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}