Internal chats exposed, risking company secrets and security, Identity theft on the rise and more. Hear from cybersecurity experts

Do you own a Hyundai? Watch out.

Hyundai Motor Europe encountered a ransomware assault by the Black Basta gang, who boasted about absconding with three terabytes of data. Initially attributing the disruptions to IT problems, Hyundai eventually acknowledged the attack after additional probing. Black Basta, operational since April 2022, has a track record of double-extortion schemes and is suspected of having garnered over $100 million in ransom payments. This incident underscores the persistent threat posed by ransomware actors and highlights the need for robust cybersecurity measures across industries. (bleepingcomputer.com)

My Thoughts: In today's hyper-connected world, the stakes have never been higher. Every connected piece of technology becomes an entry point for threat actors. Be aware of the technology around, whether it be smart phone, connected cameras, smart TV, home appliances etc., you should always proceed with a level of caution. Never divulge too much personal information and limit the reliance and trust when it comes to those connected devices.

When choosing a solution for your enterprise, in hopes of putting up defenses against such sophisticated threats, organizations must adopt a multi-layered security approach. Solutions like SentinelOne's Singularity Platform and security Data Lake (EDR, MDR & XDR) can play a pivotal role in safeguarding network perimeters and preventing unauthorized access to sensitive data by employing a multi surface defense approach.

Ransomware Payments Skyrocket to $1.1 Billion in 2023

Despite hopes of a slowdown in ransomware payments, 2023 marked a stark escalation, with total payouts surpassing $1.1 billion, according to Chainalysis. The year saw a surge in attacks, with cybercriminals exploiting vulnerabilities and earning record profits. (wired.com)

My Thoughts: I think we all knew this was coming. Threat actors are bolder than ever, and enterprises are unfortunately just as vulnerable if not more than last year.

Organizations NEED to adopt a zero-tolerance stance towards ransomware, investing in cutting-edge technologies to fortify their digital fortresses. We cannot afford to underestimate the relentless determination of cybercriminals or the havoc they wreak on our digital infrastructure. Choose a solution which is AI Driven allowing you to see and watch for threats while you or your team may not be able to do so.

Secrets Leaked in Internal Text Message

A Polish company specializing in high-quality measuring instruments, Sonel, inadvertently exposed internal communications, including sensitive data and passwords shared via Rocket.Chat messages. The Cybernews research team discovered an open MongoDB instance containing over 256 gigabytes of messages related to Sonel. The exposed data posed significant security risks, potentially enabling malicious actors to exploit confidential information and compromise organizational security. Sonel addressed the issue after receiving a responsible disclosure email from the research team, but no official comment was provided by the company. This incident highlights the importance of robust system configurations and data protection measures to prevent unauthorized access and mitigate future breaches. (cybernews.com)

My Thoughts: This breach underscores the critical need for companies to prioritize the protection of documents and internal communications. Sonel's oversight could have had dire consequences, with sensitive information ripe for exploitation by malicious actors. The leak of intellectual property in many cases could lead to disastrous consequences when looking at the long-term viability of a business. Moving forward, companies have no choice but to implement robust security protocols and continuously monitor for potential vulnerabilities to prevent similar breaches and prevent long term damage to the enterprise.

The story mentions server misconfiguration as the potential reason for the breach. Enterprises host and maintain a lot of different technology ranging from new and older / legacy versions. It is important to have an up-to-date inventory and ensure any vulnerabilities are quickly addressed to close any gaps stopping threat actors from getting in.

Identity is the new perimeter.

If you have had your ear to the ground in the cybersecurity world in recent months, at some point you probably heard the phrase “Identity is the new perimeter.” Many organizations are faced with many “identity-based attacks” stemming from user credential compromise or simply incorrect or / bad practice user configuration, allowing threat actors to take advantage of this.

‍

See below how identity protection can save your business from incidents like these.

The Ultimate Identity Walkthrough

– Hear from our CTO, Ernesto Pellegrino and SentinelOne’s Subject Matter Expert, Tyler Greenfield

‍