BankInfoSecurity
nickster2407) • February 5, 2021
James Lee, COO, Identity Theft Resource Center
The decline in the total number of U.S. data breaches in 2020 isn t all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center s new data breach report. We hit our high watermark in terms of the number of breaches in 2017, he notes. Since then, breaches have declined, including a 19% drop last year.
As more hackers focus on lucrative ransomware and business email compromise scams, they don t need to obtain as much data via breaches to be successful, he explains.
Get Permission
The operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to a recent report published by security firm Sophos.
Nefilim, which is also known as Nemty, is a relatively new ransomware variant; its operators target organizations with unpatched or poorly secured Citrix remote access technology. In December 2020, the ransomware was tied to an attack that targeted appliance maker Whirlpool (see:
The criminal gang s use of the credentials that belonged to a deceased system administrator caught the attention of the Sophos researchers.
Email filtering often misses malicious sites because detection-based techniques find it difficult to continuously build defenses against the large number of phishing sites created daily.
Yet, while email phishing attacks are highly successful, they are also entirely avoidable. Email Isolation provides organizations with the means they need to protect against this common threat without damaging the end user’s experience.
Download to Learn:
What different phishing strategies are employed by bad actors.
How Email Isolation is deployed to protect against phishing links.
How Email Isolation changes incident response for IT teams