learn more
<https://castlehalldiligence.com>
shutterstock_490960141-1

Industry News: ESG5

      Know Your Breach: Wolfe Eye Clinic

      The target: Wolfe Eye Clinic, an operator of a network of eye clinics throughout Iowa.

      The take: Personally identifiable and medical information of 500,000 current and past patients including names, addresses, birth dates, social security numbers, and, in some cases, medical and health information.

      The attack vector: Wolfe reported that they had been victim of a ransomware attack in February of 2021. They elected not to pay the ransom at the time of the attack, but after a forensic investigation, it was confirmed that a substantial quantity of data was exfiltrated as a part of the attack.

      While ransomware attacks have traditionally limited themselves to encrypting data in-place, allowing firms with robust backup regimens to recover, the vast majority of recent attacks have included an exfiltrated component, in an attempt to ensure that the victim will pay the ransom to prevent sensitive information from being leaked. Commensurate technical controls and a robust security awareness program to prevent employees from falling victims to social engineering scams are critical to preventing ransomware attacks from occurring in the first place.

      Read more...

      Russian Hackers Mounted Cyber Attack on German Banks, Bild Says

      2021-06-30

      BNN Bloomberg: A hacker group linked to the Russian state known as “Fancy Bear” conducted a cyber attack on critical German infrastructure and the country’s banking system in the past few days, Bild newspaper reported, citing unidentified Western intelligence sources.

      Read more...

      Crosspoint Capital Partners Appoints Cybersecurity Specialist as Managing Director

      2021-06-30

      Private Equity Wire: Crosspoint Capital Partners (Crosspoint), a private equity investment firm focused on cybersecurity, privacy, and infrastructure software markets, has appointed Samir Kapuria as Managing Director to help lead the company’s efforts to identify and grow world-class companies in the cybersecurity space.

      Read more...

      UK and Singapore Mark a New Era of Financial Services Cooperation

      2021-06-30

      Yahoo Finance: The UK and Singapore announced the launch of a new Financial Partnership at the sixth UK-Singapore Financial Dialogue that was held virtually today. The Dialogue was chaired by Director General (Financial Services) of HM Treasury (HMT), Ms Katharine Braddick, and Deputy Managing Director (Markets and Development) of the Monetary Authority of Singapore (MAS), Mr Leong Sing Chiong. 

      Read more...

      Drawbridge Names President and COO

      2021-06-29

      Hedge Week: Drawbridge, a provider of cybersecurity software and solutions to the alternative investment industry, has named Scott DePetris as President and Chief Operating Officer (COO) and appointed him to the Board of Directors.

      Read more...

      Paying Up Won't Stop You from Getting Hit Again, Says Cybersecurity Chief

      2021-06-29

      ZDNet: Ireland's Health Service Executive (HSE) has been praised for its response after falling victim to a major ransomware attack and for not giving into cyber criminals and paying a ransom.

      Read more...

      Increase In Ransomware Attacks ‘Absolutely Aligns’ with Rise of crypto, FireEye CEO Says

      2021-06-28

      CNBC: “There’s a direct correlation,” the cybersecurity firm executive said on “Closing Bell.” “When you look at the rise of ransomware, it absolutely aligns with the rise of anonymous digital currencies.”

      Read more...

      Daniel Loeb-backed SentinelOne Hikes IPO Price Range, to Raise Over $1 Billion

      2021-06-28

      Yahoo Finance: Cybersecurity firm SentinelOne Inc, backed by billionaire investor Daniel Loeb's hedge fund Third Point, has boosted the price range for its IPO and is now looking to raise about $1.02 billion, a regulatory filing showed.

      Read more...

      Know Your Breach: Amerigas

      The target: Amerigas, the U.S’s largest propane provider.

      The take: Personally Identifiable Information of 123 employees which included: lab IDs, social security numbers, driver license numbers, and dates of birth.

      The attack vector: The breach occurred when an employee of a third-party vendor, J.J Keller, fell for a phishing email and unknowingly gave away their login credentials to a threat actor. After this, the attacker logged in using the employee’s legitimate credentials and began accessing secure documents and information. 

      Phishing attacks against individual employees remain one of the greatest security threats to the entire organization. Regular social engineering and awareness testing and training, along with tone-from-the-top messaging to emphasize the importance of critical thinking and caution are crucial to protecting sensitive information assets.

      Read more...

      Revealed: FCA Admits to Three Data Breaches Last Year

      2021-06-23

      International Investment: The Financial Conduct Authority (FCA) has admitted that there were three cases of data breaches in 2020 in response to a Freedom of Information (FOI) request submitted by International Investment's sister title Professional Adviser.

      Read more...

      Commission Plans EU Cyber Unit to Tackle Online Crime

      2021-06-23

      O Canada: The European Commission proposed on Wednesday to pool resources and expertise from the EU’s 27 countries for a joint cyber unit to fight online criminals amid a spate of high profile hacks in Europe and worldwide.

      Read more...

      Ransomware Decreases as Cybercriminals Hit More Lucrative Targets

      2021-06-23

      Help Net Security: McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in the first quarter of 2021. The quarter saw cyber adversaries shift from low-return, mass-spread ransomware campaigns toward fewer, customized Ransomware-as-a-Service (RaaS) campaigns targeting larger, more lucrative organizations.

      Read more...

      Labor Bill Would Force Aussie Organisations to Disclose When They Pay Ransoms

      2021-06-21

      ZDNet: The federal opposition has introduced a Bill to Parliament that, if passed, would require organisations to inform the Australian Cyber Security Centre (ACSC) before a payment is made to a criminal organisation in response to a ransomware attack. 

      Read more...

      Cybersecurity Arises As Enticing Investment Sector, Analyst Says

      2021-06-21

      Financial Advisor: Cybersecurity is a top concern for advisory firms and businesses in general, which opens up investing opportunities in companies that are good at building defenses against hacker attacks, according to Pedro Palandrani, research analyst at Global X, a New York City-based financial services firm that specializes in ETFs.

      Read more...

      August Equity Invests in Cyber Security Specialist Integrity360

      2021-06-21

      Private Equity Wire: In addition to the investment funding, Integrity360 founder and CEO Eoin Goulding is partnering with Ian Brown, who joins the company as Executive Chairman, with Goulding taking on the new role of President. Brown, an established entrepreneur and industry veteran has been running technology businesses for over 25 years, including most recently SecureData, the leading UK cyber security services business acquired by Orange in 2019. 

      Read more...

      Cybersecurity Firm SentinelOne Seeks $7 Billion Valuation in NY IPO

      2021-06-21

      The Times of Israel: Cybersecurity firm SentinelOne Inc. has filed a prospectus with the US Securities and Exchange Commission to raise as much as $928 million in an initial public offering of shares on the New York Stock Exchange, aiming for a valuation of over $7 billion.

      Read more...

      Know Your Breach: CVS

      The target: CVS, a U.S-based retailer and pharmacy company.

      The take: Exposure of an estimated one billion records of information including: event and configuration data, visitor IDs, session IDs, device access information, a schematic of the logging system used by the website, and queries for medications including COVID-19 vaccines.

      The attack vector: Misconfigured cloud service database, controlled by a third-party vendor, with no password protection or credential management, letting anyone with an internet connection download and access the data.

      This breach highlights the risk of working with third-party vendors and the importance of regular auditing to ensure they are following best practice when handling data. The storage of sensitive information should follow industry standard practices be managed with proper credential deployment and security, no matter if a firm’s data is on their own servers or in the hands of another party.

      Read more...

      Hybrid Working Increases Cybersecurity Risk

      2021-06-17

      Business Wire: New hybrid working arrangements are placing firms at greater risk of cyberattack. Employers must be confident that staff understand how to stay safe while working from different locations, according to Questionmark, the online assessment provider.

      Read more...

      Senators Unveil Legislation to Crack Down on Cyber Criminals

      2021-06-17

      The Hill: A bipartisan group of senators on Thursday unveiled legislation intended to crack down on cyber criminals, who have increasingly posed a threat to critical U.S. organizations. 

      Read more...

      Four in Five Ransomware Victims Suffer Repeat Attacks

      2021-06-16

      IT Pro: The company published the figure in a report that surveyed cyber security professionals worldwide, with 24% of them based in the US. It found that 46% of the companies targeted a second time were attacked by the same criminals that infected them the first time. 

      Read more...

      UK's Gateley Says Cyberattack Affects Small Portion of Its Data

      2021-06-16

      US News: Legal and professional services group Gateley reported a cyber security breach from a known external source on Wednesday, adding it was confident that the incident was limited to a small portion of its data.

      Read more...

      Biden’s Not-so-veiled Threat to Putin on Cyberattacks

      2021-06-16

      Yahoo Finance: Following his meeting with Russian President Vladimir Putin in Geneva on June 16, President Biden said “there were no threats” exchanged in the two leaders’ conversation. But Biden also delivered what Putin must have considered a serious warning.

      Read more...

      Cybersecurity Firm Exposes Breach Database Containing 5 Billion User Records

      2021-06-15

      Security Week: An investigation revealed that the database stored information that had been compromised in data breaches suffered by various companies over the past years. The database has been used by security analytics firm Cognyte to alert customers when their information is exposed as a result of a data breach suffered by a third party.

      Read more...

      SEC Charges Issuer with Cybersecurity Disclosure Controls Failures

      2021-06-15

      SEC: The Securities and Exchange Commission today announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.

      Read more...

      Know Your Breach: Carter’s

      The target: Carter’s, a U.S based retailer of baby clothing and apparel.

      The take: An estimated 410,000 records of personally identifiable information including: full names, physical addresses, email addresses, phone numbers, shipping tracking ID’s, and purchases and transaction details.

      The attack vector: The breach occurred because of the failure to implement authentication controls for the URL shortener used on the site. When a customer made a purchase online, they were redirected to the shortened purchase cart page URL which had no credential management. Furthermore, the links were not set to expire, letting anyone with the URL access the sensitive information at any time for any length of time.

      Any page where customer data is stored should follow industry standard practices be managed with proper credential deployment and security. The exposure of detailed personal information makes a firm’s users extremely vulnerable to phishing attacks and fraud.

      Read more...

      U.S. Senate to Probe Whether Legislation Needed to Combat Cyber Attacks

      2021-06-10

      O Canada: U.S. Senate Majority Leader Chuck Schumer said he is initiating a review of recent high-profile cyber attacks on governments and businesses to find out whether a legislative response is needed.

      Read more...

      Serious Cyberattacks in Europe Doubled in the Past Year, New Figures Reveal, as Criminals Exploited the Pandemic

      2021-06-10

      CNN Business: Significant cyberattacks against critical targets in Europe have doubled in the past year, according to new EU figures obtained by CNN, as the pandemic pushed lives indoors and online.

      Read more...

      Drawbridge Launches New Module for Private Equity Funds

      2021-06-09

      Private Equity Wire: The new module gives PE funds a single view to monitor the complete cyber risk profiles of their portfolio companies in real-time. The first offering of its kind in the industry, the module was developed in partnership with Drawbridge clients who have been confronted with a dramatic rise in cyber-attacks on their portfolio companies in terms of both size and frequency.   

      Read more...

      JBS Says it Paid $11 Million Ransom After Cyberattack

      2021-06-09

      CNN Business: The meat supplier JBS USA paid an $11 million ransom in response to a cyberattack that led to the shutdown of its entire US beef processing operation last week, the company said in a statement.

      Read more...

      ExtraHop to be Acquired by Bain Capital Private Equity and Crosspoint Capital Partners

      2021-06-08

      Businesswire: ExtraHop, the leader in cloud-native network detection and response, today announced that it has entered into a definitive agreement to be acquired by Bain Capital Private Equity (“Bain Capital”) and Crosspoint Capital Partners (“Crosspoint Capital”) in a strategic transaction valued at $900 million. 

      Read more...

      At J&J, Some 15.5 Billion Potential Cyberattacks Each Day

      2021-06-08

      Morning Star: Covid-19 vaccines have transformed the global economy. The companies that produce them, meanwhile, already a big target for hackers, have to be more on their toes than ever.

      Read more...

      Deal Activity in Cybersecurity Space Witnessed Fluctuating Fortunes During 2016-2020

      2021-06-08

      Global Data: Venture capital (VC) funding and mergers and acquisitions (M&A) activity in the cybersecurity space fluctuated during 2016-2020, according to GlobalData, a leading and data analytics company.

      Read more...

      Know Your Breach: 20/20 Hearing Care Network

      The target: 20/20 Hearing Care Network, a vision and hearing benefits administrator.

      The take: 3.3 million records of Personally Identifiable Information including: names, addresses, member numbers, date of birth, and health insurance information.

      The attack vector: An unsecured Amazon Web Services cloud storage database server was left online with no password protection. This meant anyone with an internet connection was able to connect and download the data. In addition, after the data was removed by the attackers, it was then deleted.

      This breach highlights the critical importance of firm’s data backups, and if there should be an incident where information is deleted, it’s essential to be able to restore data to fully ascertain the scope of the breach. Proper credential management to ensure accounts and permissions are appropriately deployed and used, is an integral part of maintaining a robust cybersecurity posture.

      Read more...

      Give the Ransomware Threat the Same Priority as Terrorism, says US Official Guidance

      2021-06-04

      Computing: Ransomware gangs should be tracked and disrupted using the same strategies deployed against terrorist groups, US Department of Justice officials have suggested.

      Read more...

      Business Leaders Must Take Urgent Action to Counter Ransomware Threat, White House Warns in Memo

      2021-06-03

      CNBC: The Biden administration is urging corporate executives and business leaders to take immediate steps to prepare for ransomware attacks, warning in a new memo that cybercriminals are shifting from stealing data to disrupting core operations.

      Read more...

      FireEye is Selling its Products Business and Name for $1.2 Billion

      2021-06-02

      CNBC: The U.S. cybersecurity firm said the sale will split Mandiant Solutions, its cyber forensics unit, from its cloud security, network and email products.

      Read more...

      Why a Culture of Silence and Driving Mistakes Underground is Bad for Everyone

      2021-06-02

      ZDNet: Cybersecurity works best when people know that their corporate information security team will be sympathetic to mistakes. That's because, if someone suspects they may have clicked a phishing link or fallen victim to a cyberattack, they're much more likely to be open about it – and that helps the whole organisation stay secure against malicious hackers.

      Read more...

      Two-Thirds of Organizations Plan to Improve Their Cybersecurity in the Wake of Devastating Ransomware Attacks

      2021-06-02

      KnowBe4: With 81% of organizations believing ransomware attacks will become more prevalent in the second half of 2021, nearly everyone is preparing for the worst to come.

      Read more...

      Security Leaders More Concerned About Legal Settlements Than Regulatory Fines

      2021-06-01

      Help Net Security: An overwhelming 90% of security leaders are concerned about group legal settlements following a serious data breach, compared to 85% who are worried about regulatory fines, Egress reveals.

      Read more...

      Reserve Bank Moves to Address Cyber Vulnerability After KPMG Report

      2021-05-31

      RNZ: A report by consultancy KPMG has uncovered shortcomings in the Reserve Bank's data protection practices, which resulted in it becoming a victim of a cyber-attack on the third-party file-sharing application it used to share and store information.

      Read more...